revistagalileu.globo.com Open in urlscan Pro
201.7.177.250 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://revistagalileu.globo.com/
Effective URL:
https://revistagalileu.globo.com/
Submission: On January 19 via api (January 19th 2024, 4:42:42 am UTC) from US — Scanned from DE

Summary HTTP 700 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 107 IPs in 11 countries across 70 domains to perform 700 HTTP transactions. The main IP is 201.7.177.250, located in Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is revistagalileu.globo.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on November 29th 2023. Valid for: a year.

This is the only time revistagalileu.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	201.7.177.250 201.7.177.250	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
35	186.192.83.2 186.192.83.2	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
6	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	34.151.224.123 34.151.224.123	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a04:4e42:600... 2a04:4e42:600::282	54113 (FASTLY) (FASTLY)
19	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	186.192.91.5 186.192.91.5	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
32	186.192.91.9 186.192.91.9	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
5	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
15	2606:4700::68... 2606:4700::6812:dff8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:4222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	34.110.201.227 34.110.201.227	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:ae00:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2 6	18.245.60.53 18.245.60.53	16509 (AMAZON-02) (AMAZON-02)
3	35.211.79.33 35.211.79.33	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
5 16	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 12	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 9	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.194.101.149 54.194.101.149	16509 (AMAZON-02) (AMAZON-02)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::201b	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700:303... 2606:4700:3033::6815:325a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	18.245.31.106 18.245.31.106	16509 (AMAZON-02) (AMAZON-02)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6	5.196.111.64 5.196.111.64	16276 (OVH) (OVH)
6	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
6	34.149.50.64 34.149.50.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:26f0:480... 2a02:26f0:480:ba2::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:c276	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	141.94.254.117 141.94.254.117	16276 (OVH) (OVH)
1	34.209.32.186 34.209.32.186	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:303... 2606:4700:3033::ac43:9fa2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6812:b07e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.198.44.170 35.198.44.170	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.95.229.88 34.95.229.88	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
30	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:29aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	167.235.124.60 167.235.124.60	24940 (HETZNER-AS) (HETZNER-AS)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2 4	34.251.209.93 34.251.209.93	16509 (AMAZON-02) (AMAZON-02)
2	2.19.104.4 2.19.104.4	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.209.60.100 52.209.60.100	16509 (AMAZON-02) (AMAZON-02)
14	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
6	2600:9000:223... 2600:9000:223f:8000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:1f13:800... 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667	16509 (AMAZON-02) (AMAZON-02)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
8	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:7711	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
2 2	216.52.2.16 216.52.2.16	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	2600:9000:211... 2600:9000:211e:ac00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.108 143.204.98.108	16509 (AMAZON-02) (AMAZON-02)
2	143.204.215.89 143.204.215.89	16509 (AMAZON-02) (AMAZON-02)
12	52.29.17.70 52.29.17.70	16509 (AMAZON-02) (AMAZON-02)
1	18.245.31.27 18.245.31.27	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.93.105.182 54.93.105.182	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	2a05:d018:d29... 2a05:d018:d29:3601:fb9e:de5f:307d:4267	16509 (AMAZON-02) (AMAZON-02)
6	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
105	34.192.191.169 34.192.191.169	14618 (AMAZON-AES) (AMAZON-AES)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2607:ae80:4::25 2607:ae80:4::25	26558 (FREEWHEEL) (FREEWHEEL)
1	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
51	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:818::2003	15169 (GOOGLE) (GOOGLE)
1	186.192.81.117 186.192.81.117	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
10	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
6	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	18.173.233.75 18.173.233.75	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:1b::a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.226 142.250.185.226	() ()
700	107

3 201.7.177.250 (Brazil) 1 redirects

ASN28604 (Globo Comunicacao e Participacoes SA, BR)

revistagalileu.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 186.192.83.2 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-83-2.prt.globo.com

s3.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.151.224.123 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 123.224.151.34.bc.googleusercontent.com

static.infoglobo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 186.192.91.5 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com

barra.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 186.192.91.9 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com

s2-galileu.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s2.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.202.187 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:dff8 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:4222 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.110.201.227 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 227.201.110.34.bc.googleusercontent.com

id.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:ae00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.245.60.53 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-53.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.79.33 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 33.79.211.35.bc.googleusercontent.com

horizon.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
horizon-track.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.16.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.252.171.52 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.101.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-101-149.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gadasource.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
experiences.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidanalytics.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-106.fra56.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 5.196.111.64 (Lille, France)

ASN16276 (OVH, FR)
PTR: ip64.ip-5-196-111.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:ba2::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.94.254.117 (France)

ASN16276 (OVH, FR)
PTR: haproxy07.cl13.ovh.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.32.186 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-32-186.us-west-2.compute.amazonaws.com

ivccf.ivcbrasil.org.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)

flowcards.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:b07e (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.198.44.170 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.44.198.35.bc.googleusercontent.com

usergate.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.229.88 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.229.95.34.bc.googleusercontent.com

globo-ab.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:29aa (United States)

ASN13335 (CLOUDFLARENET, US)

d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.124.60 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0038.cxense.com

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.251.209.93 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-209-93.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.104.4 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-4.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.60.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-60-100.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223f:8000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7711 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:ac00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-108.fra50.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-89.fra53.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.29.17.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-17-70.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-27.fra56.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.105.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-105-182.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3601:fb9e:de5f:307d:4267 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

105 34.192.191.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-191-169.compute-1.amazonaws.com

p.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:ae80:4::25 (United States) 1 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:818::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.81.117 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com

horizon-schemas.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-12842-2.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.233.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-75.dus51.r.cloudfront.net

v.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:1b::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr5---sn-4g5lzney.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
109	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 35358 go.trvdp.com — Cisco Umbrella Rank: 34390 s.trvdp.com — Cisco Umbrella Rank: 30819 p.trvdp.com — Cisco Umbrella Rank: 24150 v.trvdp.com — Cisco Umbrella Rank: 106785	153 KB
102	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 163 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 pubads.g.doubleclick.net — Cisco Umbrella Rank: 415	338 KB
71	glbimg.com s3.glbimg.com — Cisco Umbrella Rank: 68576 s2-galileu.glbimg.com s2.glbimg.com — Cisco Umbrella Rank: 77868 s.glbimg.com — Cisco Umbrella Rank: 92537 p.glbimg.com — Cisco Umbrella Rank: 136704	2 MB
62	googlesyndication.com 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	520 KB
39	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1024 pm-widget.taboola.com — Cisco Umbrella Rank: 3284 trc.taboola.com — Cisco Umbrella Rank: 646 am-trc-events.taboola.com — Cisco Umbrella Rank: 14648 vidstat.taboola.com — Cisco Umbrella Rank: 3158 pips.taboola.com — Cisco Umbrella Rank: 1652 cds.taboola.com — Cisco Umbrella Rank: 1817 imprammp.taboola.com — Cisco Umbrella Rank: 15384 am-match.taboola.com — Cisco Umbrella Rank: 15903 wf.taboola.com — Cisco Umbrella Rank: 2974 vidstatb.taboola.com — Cisco Umbrella Rank: 4631 vidanalytics.taboola.com — Cisco Umbrella Rank: 6389 am-wf.taboola.com — Cisco Umbrella Rank: 16930	711 KB
30	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	281 KB
28	rubiconproject.com 1 redirects ads.rubiconproject.com — Cisco Umbrella Rank: 2076 fastlane.rubiconproject.com — Cisco Umbrella Rank: 520 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2989 eus.rubiconproject.com — Cisco Umbrella Rank: 579 token.rubiconproject.com — Cisco Umbrella Rank: 477 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967	173 KB
24	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 8537 cdn.tinypass.com — Cisco Umbrella Rank: 6134 buy.tinypass.com — Cisco Umbrella Rank: 6622	532 KB
19	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1004 static.adsafeprotected.com — Cisco Umbrella Rank: 721 dt.adsafeprotected.com — Cisco Umbrella Rank: 719	274 KB
15	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 423 mug.criteo.com — Cisco Umbrella Rank: 3123 bidder.criteo.com — Cisco Umbrella Rank: 679	16 KB
14	globo.com 2 redirects revistagalileu.globo.com barra.globo.com — Cisco Umbrella Rank: 191414 id.globo.com — Cisco Umbrella Rank: 101430 horizon.globo.com — Cisco Umbrella Rank: 74833 usergate.globo.com — Cisco Umbrella Rank: 101797 globo-ab.globo.com — Cisco Umbrella Rank: 85779 horizon-schemas.globo.com — Cisco Umbrella Rank: 84213 horizon-track.globo.com — Cisco Umbrella Rank: 62578	114 KB
13	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 253 secure.adnxs.com — Cisco Umbrella Rank: 490 acdn.adnxs.com — Cisco Umbrella Rank: 598	42 KB
12	google.com www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143	69 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	352 KB
10	gstatic.com fonts.gstatic.com csi.gstatic.com	128 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 gadasource.storage.googleapis.com — Cisco Umbrella Rank: 94037 imasdk.googleapis.com — Cisco Umbrella Rank: 485	402 KB
9	permutive.com api.permutive.com — Cisco Umbrella Rank: 2271 cdn.permutive.com — Cisco Umbrella Rank: 3125	261 KB
9	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 77191 d.tailtarget.com — Cisco Umbrella Rank: 85710 tt-12842-2.seg.t.tailtarget.com — Cisco Umbrella Rank: 130903 b.t.tailtarget.com — Cisco Umbrella Rank: 67257 dmp.t.tailtarget.com — Cisco Umbrella Rank: 247087 t.tailtarget.com — Cisco Umbrella Rank: 22918	28 KB
8	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 7316	4 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	485 KB
7	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029 www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
7	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 5068 p1cluster.cxense.com — Cisco Umbrella Rank: 9714 comcluster.cxense.com — Cisco Umbrella Rank: 4535 id.cxense.com — Cisco Umbrella Rank: 10570	82 KB
6	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 33495 usr.navdmp.com — Cisco Umbrella Rank: 38610 cdn.navdmp.com — Cisco Umbrella Rank: 25060	11 KB
6	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 1839	665 B
6	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1533	3 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 177	4 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4149 onesignal.com — Cisco Umbrella Rank: 1446 img.onesignal.com — Cisco Umbrella Rank: 7733	88 KB
5	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 358 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	1 KB
5	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 9261 flowcards.mrf.io — Cisco Umbrella Rank: 19048 experiences.mrf.io — Cisco Umbrella Rank: 10063	65 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1736 google-bidout-d.openx.net — Cisco Umbrella Rank: 1735 us-u.openx.net — Cisco Umbrella Rank: 524	1 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497	3 KB
4	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	69 KB
4	infoglobo.com.br static.infoglobo.com.br — Cisco Umbrella Rank: 245571	82 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	445 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 657	75 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 857 id5-sync.com — Cisco Umbrella Rank: 425	30 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 562	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	291 B
2	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 26880	24 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 671	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1376	326 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	93 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	185 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	12 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	3 KB
2	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2677	809 B
1	googleadservices.com www.googleadservices.com
1	googlevideo.com rr5---sn-4g5lzney.googlevideo.com — Cisco Umbrella Rank: 63526	3 MB
1	amazon-adsystem.com s.amazon-adsystem.com — Cisco Umbrella Rank: 326	479 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1482	712 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 707	387 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 805	166 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1872	173 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 662	236 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5893	551 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 53518	608 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	104 B
1	prmutv.co d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co — Cisco Umbrella Rank: 182740	389 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 784	338 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	permutive.app d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app — Cisco Umbrella Rank: 108415	301 KB
1	ivcbrasil.org.br ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 138714	461 B
1	piano.io c2.piano.io — Cisco Umbrella Rank: 5593	4 KB
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4356	494 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1833	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948	3 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 7784	3 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
700	70

	Domain	Requested by
105	p.trvdp.com	revistagalileu.globo.com
51	pubads.g.doubleclick.net	imasdk.googleapis.com
35	s3.glbimg.com	revistagalileu.globo.com s3.glbimg.com s.glbimg.com barra.globo.com 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com www.googletagmanager.com p.glbimg.com buy.tinypass.com
32	pagead2.googlesyndication.com	revistagalileu.globo.com 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com pagead2.googlesyndication.com imasdk.googleapis.com securepubads.g.doubleclick.net
30	cdnjs.cloudflare.com	buy.tinypass.com
26	s2-galileu.glbimg.com	revistagalileu.globo.com
23	tpc.googlesyndication.com	447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com revistagalileu.globo.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net imasdk.googleapis.com
22	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com
19	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com revistagalileu.globo.com s3.glbimg.com
16	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
13	googleads.g.doubleclick.net	447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com pagead2.googlesyndication.com
12	prebid-a.rubiconproject.com	ads.rubiconproject.com
10	fundingchoicesmessages.google.com	revistagalileu.globo.com
10	www.googletagmanager.com	s3.glbimg.com www.googletagmanager.com
9	dt.adsafeprotected.com	447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com revistagalileu.globo.com
9	am-trc-events.taboola.com	cdn.taboola.com revistagalileu.globo.com
9	cdn.taboola.com	revistagalileu.globo.com cdn.taboola.com client
8	api.permutive.com	d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
8	events.newsroom.bi	sdk.mrf.io
8	ib.adnxs.com	2 redirects googleads.g.doubleclick.net ads.rubiconproject.com d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app acdn.adnxs.com
8	www.googletagservices.com	revistagalileu.globo.com 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7	gum.criteo.com	2 redirects static.criteo.net cdn.taboola.com ads.rubiconproject.com
7	447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	eus.rubiconproject.com	am-match.taboola.com eus.rubiconproject.com s.trvdp.com ads.rubiconproject.com
6	static.adsafeprotected.com	447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com fw.adsafeprotected.com
6	bidder.criteo.com	ads.rubiconproject.com
6	s.seedtag.com	ads.rubiconproject.com
6	fastlane.rubiconproject.com	ads.rubiconproject.com
6	prg.smartadserver.com	ads.rubiconproject.com
6	sb.scorecardresearch.com	2 redirects revistagalileu.globo.com
6	fonts.gstatic.com	fonts.googleapis.com
6	s2.glbimg.com	revistagalileu.globo.com
6	fonts.googleapis.com	revistagalileu.globo.com buy.tinypass.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com revistagalileu.globo.com
4	csi.gstatic.com	imasdk.googleapis.com
4	secure.adnxs.com	2 redirects revistagalileu.globo.com s.trvdp.com
4	fw.adsafeprotected.com	2 redirects 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
4	www.youtube.com	sdk.mrf.io www.youtube.com
4	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	static.infoglobo.com.br	revistagalileu.globo.com static.infoglobo.com.br
3	am-wf.taboola.com	vidstat.taboola.com
3	imasdk.googleapis.com	s.trvdp.com imasdk.googleapis.com
3	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	sdk.mrf.io	revistagalileu.globo.com sdk.mrf.io
3	static.criteo.net	securepubads.g.doubleclick.net ads.rubiconproject.com static.criteo.net
3	id.globo.com	1 redirects s3.glbimg.com id.globo.com
3	onesignal.com	cdn.onesignal.com
3	s.glbimg.com	revistagalileu.globo.com s.glbimg.com
3	revistagalileu.globo.com	1 redirects s3.glbimg.com
2	horizon-track.globo.com	s3.glbimg.com
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-12842-2.seg.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	revistagalileu.globo.com d.tailtarget.com
2	ads.stickyadstv.com	1 redirects revistagalileu.globo.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	x.bidswitch.net	447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com am-match.taboola.com
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	stg.truvidplayer.com	go.trvdp.com s.trvdp.com
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	ups.analytics.yahoo.com	googleads.g.doubleclick.net imprammp.taboola.com
2	www.google.com	447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com tpc.googlesyndication.com
2	cdn.navdmp.com	tag.navdmp.com
2	trc.taboola.com	cdn.taboola.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	usr.navdmp.com	tag.navdmp.com
2	usergate.globo.com	s3.glbimg.com revistagalileu.globo.com
2	tag.navdmp.com	s3.glbimg.com tag.navdmp.com
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	revistagalileu.globo.com connect.facebook.net
2	mug.criteo.com	revistagalileu.globo.com
2	oajs.openx.net	1 redirects revistagalileu.globo.com
2	id5-sync.com	cdn.id5-sync.com revistagalileu.globo.com
2	s0.2mdn.net	447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com imasdk.googleapis.com
2	ad.doubleclick.net	revistagalileu.globo.com
2	cdn.jsdelivr.net	ads.rubiconproject.com securepubads.g.doubleclick.net
2	cdn.onesignal.com	revistagalileu.globo.com cdn.onesignal.com
2	cdn.polyfill.io	revistagalileu.globo.com
1	www.googleadservices.com	imasdk.googleapis.com
1	img.onesignal.com
1	rr5---sn-4g5lzney.googlevideo.com
1	v.trvdp.com	s.trvdp.com
1	acdn.adnxs.com	ads.rubiconproject.com
1	vidanalytics.taboola.com	cdn.taboola.com
1	t.tailtarget.com
1	dmp.t.tailtarget.com
1	experiences.mrf.io	sdk.mrf.io
1	horizon-schemas.globo.com	s3.glbimg.com
1	s.amazon-adsystem.com	revistagalileu.globo.com
1	secure-assets.rubiconproject.com	1 redirects
1	vidstatb.taboola.com	revistagalileu.globo.com
1	sync.inmobi.com	1 redirects
1	onetag-sys.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	image6.pubmatic.com	447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
1	tr.blismedia.com	447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
1	s.trvdp.com	go.trvdp.com
1	imprammp.taboola.com	vidstat.taboola.com
1	go.trvdp.com	cnt.trvdp.com
1	s.ad.smaato.net	447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	dclk-match.dotomi.com	447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
1	cdn.permutive.com	d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
1	stats.g.doubleclick.net	www.google-analytics.com
1	d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co	d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	beacon.krxd.net	tag.navdmp.com
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	www.facebook.com	revistagalileu.globo.com
1	p1cluster.cxense.com	cdn.cxense.com
1	d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app	s3.glbimg.com
1	globo-ab.globo.com	p.glbimg.com
1	flowcards.mrf.io	revistagalileu.globo.com
1	tags.t.tailtarget.com	s3.glbimg.com
1	ivccf.ivcbrasil.org.br	revistagalileu.globo.com
1	c2.piano.io	cdn.tinypass.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	gadasource.storage.googleapis.com	revistagalileu.globo.com
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.tinypass.com	experience.tinypass.com
1	horizon.globo.com	revistagalileu.globo.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	p.glbimg.com	s3.glbimg.com
1	www.npttech.com	static.infoglobo.com.br
1	experience.tinypass.com	static.infoglobo.com.br
1	ads.rubiconproject.com	s3.glbimg.com
1	barra.globo.com	revistagalileu.globo.com
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
700	143

This site contains links to these domains. Also see Links.

Domain
revistagalileu.revistadigital.globo.com
www.publicidadeeditoraglobo.com.br
www.assineglobo.com.br
privacidade.globo.com
www.globo.com
g1.globo.com
ge.globo.com
gshow.globo.com
globoplay.globo.com
oglobo.globo.com
popup.taboola.com
qdcnsq.snzgdl.com
www.apotheken-gesundheit.de
jobs.heise.de
lbglsx.pzzqvpjlfkbmb.com
pt-br.facebook.com
www.instagram.com
twitter.com
www.tiktok.com
br.pinterest.com
www.youtube.com
www.facebook.com
www.linkedin.com
pox.globo.com
valor.globo.com
pipelinevalor.globo.com
valorinveste.globo.com
extra.globo.com
autoesporte.globo.com
bhfm.globo.com
revistacasaejardim.globo.com
casavogue.globo.com
cbn.globoradio.globo.com
revistacrescer.globo.com
epocanegocios.globo.com
glamour.globo.com
globorural.globo.com
gq.globo.com
revistamarieclaire.globo.com
revistamonet.globo.com
revistapegn.globo.com
revistaquem.globo.com
radioglobo.globo.com
www.techtudo.com.br
umsoplaneta.globo.com
vidadebicho.globo.com
vogue.globo.com
site.vagas.com.br

Subject Issuer	Validity	Valid
revistagalileu.globo.com RapidSSL TLS RSA CA G1	`2023-11-29` - `2024-11-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
s3.glbimg.com RapidSSL TLS RSA CA G1	`2023-05-02` - `2024-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
static.infoglobo.com.br RapidSSL TLS RSA CA G1	`2024-01-13` - `2025-01-12`	a year	crt.sh
polyfill.io Certainly Intermediate R1	`2024-01-11` - `2024-02-10`	a month	crt.sh
barra.globo.com RapidSSL TLS RSA CA G1	`2023-05-15` - `2024-05-15`	a year	crt.sh
*.glbimg.com RapidSSL TLS RSA CA G1	`2023-05-11` - `2024-05-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
npttech.com GTS CA 1P5	`2023-12-28` - `2024-03-27`	3 months	crt.sh
id.globo.com RapidSSL TLS RSA CA G1	`2023-03-14` - `2024-03-14`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
horizon.globo.com RapidSSL TLS RSA CA G1	`2023-09-25` - `2024-09-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2024-01-05` - `2024-04-04`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-13`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
ssl03.cert.cl13.k8s.mrf.io R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.ivcbrasil.org.br Amazon RSA 2048 M02	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
usergate.globo.com RapidSSL TLS RSA CA G1	`2023-04-24` - `2024-04-23`	a year	crt.sh
globo-ab.globo.com R3	`2023-12-07` - `2024-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.prmutv.co R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
api.permutive.com R3	`2023-12-15` - `2024-03-14`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.truvidplayer.com Amazon RSA 2048 M03	`2024-01-07` - `2025-02-03`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-01-10` - `2024-06-26`	6 months	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
horizon-schemas.globo.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-03-15`	a year	crt.sh
horizon-track.globo.com RapidSSL TLS RSA CA G1	`2023-09-26` - `2024-09-26`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-02` - `2024-03-12`	2 months	crt.sh
onesignal.com E1	`2023-12-25` - `2024-03-24`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 45 frames:

Primary Page: https://revistagalileu.globo.com/
Frame ID: 7303E02C3AC36E49EE4FD2E0FFA230F0
Requests: 400 HTTP requests in this frame

Frame: https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/3p-cookies/step2.html
Frame ID: 8B1C11FF0A739F8B8E671EC2C315015F
Requests: 2 HTTP requests in this frame

Frame: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1792BE0EF046FD82E3A88BA8FB4166B7
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-T6MZG9W
Frame ID: 5365335F4246E479BAB0691DAF1CBD5E
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-NXVN776&ancestors=GTM-T6MZG9W&restrictions=&gtm.url=https%3A%2F%2Frevistagalileu.globo.com%2F
Frame ID: F95FF0E3830AB5CF7C23C3F48912C152
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-T6MZG9W&restrictions=&gtm.url=https%3A%2F%2Frevistagalileu.globo.com%2F
Frame ID: 8B94FD18DCFB7091820455672E0D4046
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-T6MZG9W&restrictions=&gtm.url=https%3A%2F%2Frevistagalileu.globo.com%2F
Frame ID: 9BE326AB44787148B5F6187AAF6E21E6
Requests: 1 HTTP requests in this frame

Frame: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CC5E8CDA691A053A1BA6AED5F72720C1
Requests: 9 HTTP requests in this frame

Frame: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BCF2A6B1108F0AEF1B018CB765D1B2D2
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEPWIy-AEGNih9foBMAE&v=APEucNVd6B33xjYdD-PRjQ16citmKRKI4cldrT4kcCv0lfCxtNL5TMLvsWiKU-tVnahvLBICQEEyH6nWL1EJxTPQU7JEN4Pr0vIlG9E8XIrthXSZTWzbFcx7Mq12YaSP_NEQaP7xGB7XLJ21qzugWEUT-vTqMRzISMagsVViyK9Po6Z1FfDyQSc
Frame ID: 3EC152040F3645E955EB7EDBF1431336
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7A783E939E27F9D304C434D3B1CB5DB0
Requests: 3 HTTP requests in this frame

Frame: https://revistagalileu.globo.com/login-callback.ghtml
Frame ID: DAA3C2B8B1EEAEAF2C27EEE17B5B0100
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=revistagalileu.globo.com
Frame ID: D973BD25B318CDB6821E7B586354A766
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-2tXTquC29Tw83aKNDLLbZ11U9imkdP9fO46QdOFAdKdElHOICIUCvBz5teOJaHWgOmgtskPJfmaDizcAfKnPCh9rw-3GDGtCXWNlzykSL66fInmeIkeERCClNI00hxcSlgXezFzrw-22m-s6LiH_1r7soHJK5PuglDZEHCJrMdtL4AFYnZaTAF0FPyOxs_skub7TuQYUXOdpr7vjUXa-ruZHeJbVB83QMuWVA5DGcdicpTgVFlco1r5dJbAPeIinQDg1it_izEz3TA3MQgjLAGuT7wfmoLnzW_CQMb6k8RVSO9bE9W1sTAD8Qhis_VytyeZsTTbW4cYRixD6Jnd3zADwHiY-mKuuhHmrpdPayaZDf03-9hQgSCA&sai=AMfl-YRqZPlouhCpcmj0v9uINPLK9Lz-LECJ8LBiSkZ_L0kzDbRkjj3Htchi2KInkEQaz20MsP4CvAg9ROBFQ3lorqlEsv1T4Gz4SpiW60Ppg4QlGDk032FwUHoI0lzewg&sig=Cg0ArKJSzO4FgwzFL-c3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 0E6602749C046F7B8618AB756208B626
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: C50819F6BCE942CB0F3E22D952A4EBE5
Requests: 1 HTTP requests in this frame

Frame: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C12FFC98C4E809F72A063D4BAAC43CE5
Requests: 9 HTTP requests in this frame

Frame: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D8A8ABA44A7B3B27B7A8F20344AB13F1
Requests: 9 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTBOB9H431PH&templateVariantId=OTVNV8G9XH89V&offerId=fakeOfferId&experienceId=EX4DCSDEWA90&iframeId=offer_8cbe9f57be49d75e60e4-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
Frame ID: A4B0AB31D3D01DFBBCE536BE67581E9C
Requests: 22 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTV5TSU2XMXLV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_e1e11d4a5d4b696aa15e-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
Frame ID: 146A8F905CE761E92877C1ED432FCA85
Requests: 19 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVY9LH1NCBIW&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_102b08c3603161dd7118-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
Frame ID: B39AD27C339127AE2E97EC1D43C5C4B5
Requests: 20 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 2429BE10AA2A11D4A02D585045191AD0
Requests: 4 HTTP requests in this frame

Frame: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CEA93A4D84A4645070929DF6F3CDDC61
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMigmAEQqo3fARjsq7yCAjAB&v=APEucNUdfU6lTdRwz0x15PgxZNXVg-OG3JvOovqeMV7cuCsoUoabzMa_4jh5q4qCD2FkNe8a8kN18iOvaKiwXWE8QuAT4JeroUBqpJxSEHO0U280-IUXGVepOMfCbL28eyTgu3z6WZSxOsFMjyNaTO9IvQuj3TtSeWSMOo_99YCefIhuIpU2HbU
Frame ID: 44C9A24305052795D9F1168EFE14694D
Requests: 5 HTTP requests in this frame

Frame: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5653CF3FF0524CE1C195AAAB4B9B38EE
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMigmAEQqo3fARjsq7yCAjAB&v=APEucNWC4kVqtnaG9qkk2M327sdihLKEVaY9rJAUWgt0Dqq_xfOI3_sOIohusUNBxBw3gTS_HJ3gkWsNk8FdxQvg1HFmPlPkSuDZLcVKrFX0osHTzqftEEPCEVF7kIn0WczFPnNrahvmOjJMA1KSDAtS4TlWDPWNDBPabCUNBhiK2Q2ZTQHHMlE
Frame ID: A603C5270403C65AE33A885C55C2FFA5
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: E49DE2C1B9783FC88658D6B31F766A4B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B26C1C774C6AE35668514128CB140BA3
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 934D0CA894191200F1586F9CC135C6E1
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: ECF41AC9CB7E79BDAE2C977FFC7E295F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 41EDBDD9FDB42B4D7291C7ECFEAB8375
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5449A5375230BAD0DAAB27CF4BEC5BDA
Requests: 9 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&cmcv=&pix=undefined&cb=1705639337293&uv=3373&tms=1705639337293&abt=adxsub-out_vA!adxsub-out_vB!aniviewPrebidInteg_vB!iiqwfcontrol_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=bfa11842-dcd7-476e-ad8e-3e415e87e9c5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: CAC96339C3AEE5F25F6B10CE7E894F7A
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 575953E7BE8677E9580A26BF6A3E3784
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: B87258D48B06904C4949867213B330CB
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 820ED12A309943F7BDABFD0536DCB30B
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Frame ID: A7E0401A62D7465C8FA88DA2A333544A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Frame ID: D4455F11E1A1C32D48A675E1FC52C6CC
Requests: 70 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DD1AACB76446883A963347A1CC586E58
Requests: 1 HTTP requests in this frame

Frame: https://experiences.mrf.io/passexperience/dw-check.html?v=6
Frame ID: 953CB9C2E06FDE258BC84EEBFE57BDEC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 171C1DA0A61DDDBC42EBCDBD7D330F17
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 516BA202F28CEF41EBF51658B6173069
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=revistagalileu.globo.com
Frame ID: D153840841EE4BD4B24B32FD818FF883
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A2ECBD9817D3A0F314C295C53D07DDBC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 64DFF8B83CDEBEDC69BB5AF32FC5EFE9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 56AE6DA9322A759D0EA39ED2DCA2F5DC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Galileu

Page URL History Show full URLs

http://revistagalileu.globo.com/ HTTP 301
https://revistagalileu.globo.com/ Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

700
Requests

96 %
HTTPS

45 %
IPv6

70
Domains

143
Subdomains

107
IPs

11
Countries

10961 kB
Transfer

27292 kB
Size

92
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: https://revistagalileu.revistadigital.globo.com/
Title: Revista digital

Search URL Search Domain Scan URL

URL: https://www.publicidadeeditoraglobo.com.br/galileu/
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://www.assineglobo.com.br/hotsite/galileu-digital/?campanha=nao&site_par=1&origem_par=1&formato_par=gc_botao&versao_par=botao_rodape&utm_source=sitegq&utm_medium=botao&utm_campaign=eg_gc_botao
Title: Assine

Search URL Search Domain Scan URL

URL: https://privacidade.globo.com/privacy-policy/
Title: política de privacidade

Search URL Search Domain Scan URL

URL: https://www.globo.com/?utm_source=barraGCOM

Search URL Search Domain Scan URL

URL: https://g1.globo.com/?utm_source=barraGCOM
Title: g1

Search URL Search Domain Scan URL

URL: https://ge.globo.com/?utm_source=barraGCOM
Title: ge

Search URL Search Domain Scan URL

URL: https://gshow.globo.com/?utm_source=barraGCOM
Title: gshow

Search URL Search Domain Scan URL

URL: https://globoplay.globo.com/?utm_source=barraGCOM

Search URL Search Domain Scan URL

URL: https://oglobo.globo.com/?utm_source=barraGCOM
Title: OGlobo

Search URL Search Domain Scan URL

URL: https://www.globo.com/todos-os-sites.html?utm_source=barraGCOM
Title: todos os sites

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editoraglobo-galileu&utm_medium=referral&utm_content=thumbnails-b:Below%20Homepage%20Thumbnails:
Title: por Taboola

Search URL Search Domain Scan URL

URL: https://qdcnsq.snzgdl.com/
Title: Gewächshaus-Angebote | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://www.apotheken-gesundheit.de/moossalbe-ag
Title: Apotheken Gesundheit

Search URL Search Domain Scan URL

URL: https://jobs.heise.de/Job/Systemadministrator-in-Online-Dienste-und-Telefonie-m-w-d.1397347285.html
Title: heise jobs

Search URL Search Domain Scan URL

URL: https://lbglsx.pzzqvpjlfkbmb.com/
Title: Wandsticker | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://pt-br.facebook.com/revistagalileu/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/revistagalileu/

Search URL Search Domain Scan URL

URL: https://twitter.com/revistagalileu

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@revistagalileu

Search URL Search Domain Scan URL

URL: https://br.pinterest.com/revistagalileu/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/REVISTAGALILEU

Search URL Search Domain Scan URL

URL: https://www.facebook.com/revistagalileu/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/galileu/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@REVISTAGALILEU/

Search URL Search Domain Scan URL

URL: https://pox.globo.com/rss/galileu/

Search URL Search Domain Scan URL

URL: https://valor.globo.com/
Title: Valor

Search URL Search Domain Scan URL

URL: https://pipelinevalor.globo.com/
Title: Pipeline

Search URL Search Domain Scan URL

URL: https://valorinveste.globo.com/
Title: Valor Investe

Search URL Search Domain Scan URL

URL: https://oglobo.globo.com/
Title: O Globo

Search URL Search Domain Scan URL

URL: https://extra.globo.com/
Title: Extra

Search URL Search Domain Scan URL

URL: https://autoesporte.globo.com/
Title: Autoesporte

Search URL Search Domain Scan URL

URL: https://bhfm.globo.com/
Title: BHFM

Search URL Search Domain Scan URL

URL: https://revistacasaejardim.globo.com/
Title: Casa e Jardim

Search URL Search Domain Scan URL

URL: https://casavogue.globo.com/
Title: Casa Vogue

Search URL Search Domain Scan URL

URL: https://cbn.globoradio.globo.com/
Title: CBN

Search URL Search Domain Scan URL

URL: https://revistacrescer.globo.com/
Title: Crescer

Search URL Search Domain Scan URL

URL: https://epocanegocios.globo.com/
Title: Época Negócios

Search URL Search Domain Scan URL

URL: https://glamour.globo.com/
Title: Glamour

Search URL Search Domain Scan URL

URL: https://globorural.globo.com/
Title: Globo Rural

Search URL Search Domain Scan URL

URL: https://gq.globo.com/
Title: GQ

Search URL Search Domain Scan URL

URL: https://revistamarieclaire.globo.com/
Title: Marie Claire

Search URL Search Domain Scan URL

URL: https://revistamonet.globo.com/
Title: Monet

Search URL Search Domain Scan URL

URL: https://revistapegn.globo.com/
Title: PEGN

Search URL Search Domain Scan URL

URL: https://revistaquem.globo.com/
Title: Quem

Search URL Search Domain Scan URL

URL: https://radioglobo.globo.com/
Title: Rádio Globo

Search URL Search Domain Scan URL

URL: https://www.techtudo.com.br/
Title: TechTudo

Search URL Search Domain Scan URL

URL: https://umsoplaneta.globo.com/
Title: Um Só Planeta

Search URL Search Domain Scan URL

URL: https://vidadebicho.globo.com/
Title: Vida de Bicho

Search URL Search Domain Scan URL

URL: https://vogue.globo.com/
Title: Vogue

Search URL Search Domain Scan URL

URL: https://site.vagas.com.br/PagEmprCust_editora-globo_vagas.html
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: https://www.publicidadeeditoraglobo.com.br/
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://privacidade.globo.com/
Title: Portal da Privacidade

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://revistagalileu.globo.com/ HTTP 301
https://revistagalileu.globo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1Sy56irZDG16LV_5-THYs&google_cver=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zan9pREV6gV7G2XaGiiqFAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1Sy56irZDG16LV_5-THYs&google_cver=1

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDxJaPOlAphjw-KWoaQu_Wk&google_cver=1

Request Chain 121

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE2Mjk3MjEyNzU5Mzk2NTA1Mw%3D%3D

Request Chain 127

https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=revista-galileu%40apps.globoid&redirect_uri=https%3A%2F%2Frevistagalileu.globo.com%2Flogin-callback.ghtml&state=5d01a827-88fe-4aea-8682-5951a343d696&response_mode=fragment&response_type=code&scope=openid&nonce=0dc78635-ff50-4d7f-b19a-d8f95dd4c758&prompt=none&code_challenge=M-pU0s7AvJjC324gxbA9f-lgIxHr_9hwqT5d2hQ4zOg&code_challenge_method=S256 HTTP 302
https://revistagalileu.globo.com/login-callback.ghtml

Request Chain 129

https://oajs.openx.net/esp?url=https%3A%2F%2Frevistagalileu.globo.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Frevistagalileu.globo.com%2F&rid=esp&cc=1

Request Chain 132

https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=revistagalileu.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=WGHDM3xSOWlZdkxodEx4UkRpK3UwNzVjUE9XeGZxUmpYNE12RTFwb0pidmlQNnh3bnp5RmJtTTZIR3hiR3ZMQU52U2Q5Zkl6amxRMWJGdGhGUDNIRTJYMS9Ea05mV1Y1VGZJY2hIYWY0WWliR3hkV05Gc0JNd3BSTmxSeGY1bXRuR3d3a3k4dVo0VFJNVDY0eGZ6MndhN2ZwY09PSDFQc2xlekZLWWZpWGlZcG9DdDRBdEdvTE52REVmU0xMdVFYMFlJaDI0Y20vck9zSjV1bzRNb1dFQ0dnM0xQYUt3RS9HVGZQTjNGR0FDRU5CZmVVblZSWUhFb2g4bERNWStJeksvQXNibStsQ3Byckx0bld3bVR5SWJiVGYxUT09fA&cppv=2

Request Chain 139

https://sb.scorecardresearch.com/cs/6035227/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 303

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEItBMQ_vZN60UcPmZdbUPV0&google_cver=1

Request Chain 305

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKAXu4wCbahcBDsx51K6pec&google_cver=1

Request Chain 342

https://fw.adsafeprotected.com/rfw/bgd/1806749/77544531/xbbe/creative/adj?p=APEucNVQBM3flZcx85qGvX5SklzynvfAD1oUAuVOEYjtags22mxCcKg&d=CpkBAKAmf-C7LS0bG2z4AdvDnJO1-LMZR3efykncthM7z-eugcYcuTDn7Np6-7GpQyB4QAlTaTtcRL0PWTctPdvqQURg4X-eU233IxF2HLsvukbkmpsvXYfgiAS7qHyjepVNR7TcdBAhv8efRpJ8cLrCkCeqP_dv2nHo86IfIWVURqQ6sj8LbnmLtUbZy4Twj5Cu8Wvb16BxqshHEvkWAKAmf-DUqWLgYz-x-S23RglEqF1SJ7KkkM_jqZb9ZRXMyoFAS-0L_XkQP2_c7A4H3fb3Be0UTHf3DmGSjCzgB3vy-BpwHM9OZX3yMqDcTnBb-WfquJ-1u8z-ySvH1GEzl0LjM-fau8SLoJ0XUnHrlR6EiqHprpfvDag82M-t9zr_5T_JhIiH0BeL4kwE05im9VL1iK1NuTdANcA5-WFSSv-hTHhU1KvNO170NWMimpvWd3Y3R2qcp5szP2Nd7Uh_r-6daB_T64yaokVqhHuG44QEsRUDI-niPCV9M2SfAcahN37GG_9-snHqgZnOwnOZRwTCksaaAE1AuNLyT6mn_fOD4BkmPNK0BwDGtSvMOgJNVHytjY4eIrQSa5altGqwG6OAUS1Op7PNbx6Fyu8A3dN6Wt5qGMYTPqbwtMdAn0plZbXMF8GQlHDaolSnQZjUutEGzlJjM6s0BWx3VjnXVsvQeLa_l4sQmg2zU4stdin7r7T62Fsld6DA_4O7qFdN4gLBNaAzvbGr9_PT-8dxeliIbvl7klR5bfE6WZgvhcakRgvubXRGf-7JnQxouVcPO-kyUpUQ7_27L_eIrzYPOf-XJArlQiKe7KAPSa5Ok3VeU2ZtoFCuv2PvML1SkPkKOt1zXCIhniUbOm4WqI53b73aLilDOvlecQLSRPddzBuvI4c1FzjTqeGK64L2SwOFqG62s95j8bbyCAd-kBE8pQJGloE5vU6nMqaV1RW7O45H8_ENNHn3B1B3CYsMz8AB08fwzh8dpqMN6ZuZmp23mWuISg50eA6ZztXuaMZ7J_11db99w6ulasd8MYv6NXi9YeazmvkSmuEYo34EiJvHdu8_7AHQ7hIVA1wx6q2Dq21uVD9WtJ9_18utrqbDaF83PTKofS7H3sy3VHO4dnu2uOezzMizEUODutE_pxZDpYa5SGU-zK8gEC5FwWB7OnCyV4kXKu1MRaraASFhGH0naz0dlyj_Dau6XM5RxOaebpW6mtdn-Sgfkt9PqpD0ooPMWfIR9DqwO6lLQHI-kxkW5uQDCY58oFpsGL6Sm-BnZe1Dugyi5dn_dKRfWPcBnNl464vhfAQ-3PciCN57alMMh4RjEub7lTqQFxiD2oZwVjxYfDMPISlg-Y12OoZdn31tVM3usG3rsfqE0Z1c6PS0kFp11b5yfTVtkq1q9Nr19L3PkqE4NTxkCdTYvg2scm7EDFAsFfo0CZv2Sy9tlQ_bvnTGL3L6ICovJ2WOngZw3oVzBZQWgZnlG8oSMqzqL-1wWg9vikqJii_rKmDDsMEwbcgeyJdROulyZ3vvOxxcnPd721W3I4xwiSB9x2MFtXBM73FfJdsDBARbmZBwRcWBT709UH0uCf816piGZdMwtcPgq6PMDjOBa9mGOe9ETUjKvrt0bf9S_0ij4ekzErnvOe7OaggljCPu-VEc5AJ23BowRzliSAeFn6kCfkydoPPqklAlUgPGjMzoNVlOgXDfFLItSoF--8rBcX8RTLRCuh2_N-UPbd_W1qTiXNRdei3NOPCO9qhR9jNBQl2QX5QxRpfxI9b-ovhYXTdUuow--B9rAODabHRPhBnpwLNjyvlNem9qhrM6IY0vejoLvAgtVsOEcBwzp6xAcZn-4wwLcgSszulUckgR0wqYlepzvyOn-ww4zTcC2pOTv3ZnbTr3URTQia7Yg1Z4GqMVmrxnKEeY3DfkVjP65CQI_yG1kNjt6oCxCrTH3iEYBsjY9dmR-Y6Ycj83jh480IFH_mn_PHFCAM1ouv40ptKb6Rc1WVQ9zkqjmU_MvDlclyO4uapsR1GDXcX9meaYRZO0cX99__gEZjDHoRo6fH8jE8_7v7JN4RQofgJg5xF1Ye7APZvWZvNgDJCahcWGuLthkXJoMV7v8sBB8anxximt2AHlm_Ux87kIovHjVYIRkRiWxghkk3xppEHcMKJlnXg3SmEmuSk57pGChb-SEZAr-o75xvHKbK2szdscmM5LRSuCDvBRgtrsC__9fslzqHHDA8HOzzBAqMIF1f_8sTHDymHE56sd-B5ZI2BU8uJ5qkx5N08ckcvAuU_SLoZWSqwUISecXT1LPc4AWylIQViSxjxmD-SCnfOE-jalKD1A-CwlOsHOrvPxDek9UqT5hcylbJNHA5Yzs_-hzFIHW1gxVyn8j5Z4V5q7_VbhN9K3i0DJ5fy4yKJdfCU-Rmh9sNPoskwHvB_8M3rRZzikMfEUCMVdXL3Ed5-8psMwUXq_6S8LNn7LGLzkmSJGN4tocqDusiNNkz56I-NkTqXR1zbKWfg0Fq1r9rbim4T9pntc0zGtbisE7kyDbyRwxZwtghCqa6obbUsakamos3F-K0rCeqvWTaZ-Ww_jUQbUikJ4gh_AspjeNyK4i6hlc9f_vPia_z1hOevKnn7b-sAQPKtNCHXWQPgtT-WOfVR9oPD2piGGnQGK1EAb6PtubcBhGznKnSDaqG9DrvtX_XT5uoTflTuzWh1pNgmUPyl0YZYBgktD6s1cDp4yokX3FYHTjM9U-RI7wwSrewzfqszHSk4F9vJBysS2ZHCVXQ-9x17jQCcPP2VhES0ocVITxgqzS_hUVHJHZbV1rCh8eB1izEBUusZLWUZwv9o9IK-kcybMPgtVtBEVHfrmjRWGRucJqTspe0AB7Q8hDEl6lDbxc3zI7TLx48dlJl828Q6ra9G40JOYS3vLcJ60M8gzbD-oNRsRzKOhZjTZ8JBiozGYHxaV6PzOL7hRW-Z_YwleCjc1w_aFMOQZTm5b__Kp-Soy9CiYaNpb7G4tuU9KA6CDaiyNciCj1OnzM3d5WUOFKxSDk1CSrvi0S0xjhaWgb46TDuG2nAc0ov6dQXHvCyjIG6N45Kn0OMchaH-da2looxHkkJa-Frtgo6wY-Y4LRbNJ0z16gA9r4EhpwMVEDQTEdqM7u8Mffn-AezEwmzxVA8zykFdYL-rjpyh7s5uPFg_6pPs7M2BsHPtEK4c0sKALLOBO0m8v4G1FtsX6p_6112eed5flstv5IBhGg9kLK9srVI2bQUkv_aPIcxVJSIlfSNqckbq72ljllMw8r1oVIQahmu32RGph7Y5mPlVGpddGNZD1RCtSn5CO-bmItCcSU8WbHYOqQJa4GUZQVIwsUVMm6CG6Zj8dQMVmPbmIj6aQocw5OiHeg-bCuhD4stL_oI3AOn5jlazzVozIZ2AQVQTV__yvdpEl8bClAw6Y53EZ3jh4hMRSpV2QLX-l_IVqKbgs6YjhkqTcqSTsoR8ggojf8m79jCi_9B8adJL3XEDchvTB8IyjZPvYIA33vxm2YNa2YIv7X6CphS8VAtTgYNOxgL2QPFRBUF98S7G4c9qRl5d8KZdC-pXJ7Rqnssgb3cL4FulKrTVrtVS4YpSCpgmqvsSiVMK6qa9ZgPZ_PesY95t1NpoDgWj1rBp8mNHAurXdQETiJ-vlCegJOBmIcoJ5QjbJZL5aSBO-_ZO4GApRIxFqQQ44Uu-8_XXXXRiq_SrAh6kW2K_GcyA4edZl4Rl19z8yOC-puwvY5D69bx3myg8cBoDIglHHGSz0Zrds59L0_jwdqVONY1qlb9qJvMFQXnHFj-JGH3AW0_pyqJNYEp19n-QLYan_ZckzqDxBKsuq5StPRl8d-L6sVjYBxGuEj7qZfY6RmnYX_Jb7cuLz7cPi5iIVmxPeUAQMjOCR5X6z8NCsQA7GoiW8F0xEC6ZX6D7pNHdZH5EYfanwoxBR3WBtD4C9FH2UFzPOIaHGX0brq_O1ufUFQSB01hnN82CvRE9BVDfDzJ_rSfUM2MyfjZMGSfcri8Na5T-wC7vsbZV68NxAOqMzE1oII7eIXTbmK5qRy5gJaa8eg_XIOosJqgCm_jlm0ZVKaUMZw4dzh9OZfKkl2Jj5kApsfSjqvPMWGkEIBBI7AC8eF_-2wajCLT3gtT7s8lG_70geu2rRDvwQXBA3VlVzo-W3AWZ3OachP5sbVifOVooJm5y7Y0C6jk0YAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1015139120&ias_pubId=pub-8828587149473437&ias_chanId=1&ias_placementId=20855602476&bidurl=https://revistagalileu.globo.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jhpaJYC0lBaqne3c-BWmE4&adsafe_url=https%3A%2F%2Frevistagalileu.globo.com&adsafe_type=y&adsafe_url=https%3A%2F%2Frevistagalileu.globo.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2bd2dd32-5b07-bf0d-9d46-7e5f30f324eb,c:1IDD7a,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-56p6p,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:eudisney1,mtim:3,mot:0,app:0,maw:0,fm:u1MsPN5+11%7C121%7C122%7C123%7C13%7C141%7C142%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c1%7C1d%7C1e*.1806749-77544531%7C1e1%7C1f1,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:17,oid:1f2f6800-b685-11ee-b1f0-eede9395fa5f,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_970x250.js

Request Chain 351

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENPgdrnS0YLXQb0klqKul1M&google_cver=1

Request Chain 382

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAD5IQeBc9ReFa2RDYmj4Y8&google_cver=1&google_push=AXcoOmQ2YX6-FpLtz5Gk5iGRRhfLmFD4F8rUTPK4yaWCq5krSzxM2_mcdOpmtqQDrSGIp7nXKEHcakD7_xik8j1HEzqy5jTjoHo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ2YX6-FpLtz5Gk5iGRRhfLmFD4F8rUTPK4yaWCq5krSzxM2_mcdOpmtqQDrSGIp7nXKEHcakD7_xik8j1HEzqy5jTjoHo&google_hm=fJhnrprUR5y_6tXgECrd9oc

Request Chain 383

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKjZQHHxCWHpWSRgSEY-xpo&google_cver=1&google_push=AXcoOmSj14IUl2rRPcd2VP7IOHpBLYy84c5zRP2GvDujOS9aLmT5dcyPs1Ta-JfE-j51vA_Mf5lnpxJ2SP4s8V9WklMG5pSBCpk HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Y2s4jwAqR9c4-vzewFqvoA&google_push=AXcoOmSj14IUl2rRPcd2VP7IOHpBLYy84c5zRP2GvDujOS9aLmT5dcyPs1Ta-JfE-j51vA_Mf5lnpxJ2SP4s8V9WklMG5pSBCpk

Request Chain 384

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELJ80bwVzTKHshhoADztqMg&google_cver=1&google_push=AXcoOmQyfPPshR5anAxJMdcX9q-zQh6g3ItlZk6v3zlt-SweOdiLvtZ1G2ePb8-26yt48Ex3krJ_qwspzxOQzfuQCfO6cwzDmEE HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELJ80bwVzTKHshhoADztqMg&google_cver=1&google_push=AXcoOmQyfPPshR5anAxJMdcX9q-zQh6g3ItlZk6v3zlt-SweOdiLvtZ1G2ePb8-26yt48Ex3krJ_qwspzxOQzfuQCfO6cwzDmEE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA3NDE3NzAwMDg3NTU0ODE4NQ&google_push=AXcoOmQyfPPshR5anAxJMdcX9q-zQh6g3ItlZk6v3zlt-SweOdiLvtZ1G2ePb8-26yt48Ex3krJ_qwspzxOQzfuQCfO6cwzDmEE

Request Chain 385

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJIkC4xnxOgJOYDRhBKLXlc&google_cver=1&google_push=AXcoOmQBEd2dGw24HESlf0i2l6Y9npcnEOxjn6p-FKngAWzIdhBC9eZ2ruwn28KDtnCkfbPUarIitI42hDrIVFZn8z43nuXY HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJIkC4xnxOgJOYDRhBKLXlc&google_cver=1&google_push=AXcoOmQBEd2dGw24HESlf0i2l6Y9npcnEOxjn6p-FKngAWzIdhBC9eZ2ruwn28KDtnCkfbPUarIitI42hDrIVFZn8z43nuXY&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQBEd2dGw24HESlf0i2l6Y9npcnEOxjn6p-FKngAWzIdhBC9eZ2ruwn28KDtnCkfbPUarIitI42hDrIVFZn8z43nuXY&google_hm=IA_6rGZH5p4odlTfTd6HgM2L

Request Chain 387

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBU9PNfnA7cDhGf89LU8xKg&google_cver=1&google_push=AXcoOmRehb1hIxojFqBDi_K8iVaAC0YqTSUVBaBhCjKvnDgjln_1IGr4FBTHQvGHCB5XqXbB5Es7xNbFPG8k0soyah2xqDXDq7pN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2Mjk3MjEyNzU5Mzk2NTA1Mw%3D%3D&google_gid=CAESEBU9PNfnA7cDhGf89LU8xKg&google_cver=1&google_push=AXcoOmRehb1hIxojFqBDi_K8iVaAC0YqTSUVBaBhCjKvnDgjln_1IGr4FBTHQvGHCB5XqXbB5Es7xNbFPG8k0soyah2xqDXDq7pN

Request Chain 391

https://fw.adsafeprotected.com/rfw/bgd/1806749/77544531/xbbe/creative/adj?p=APEucNVQBM3flZcx85qGvX5SklzynvfAD1oUAuVOEYjtags22mxCcKg&d=CpkBAKAmf-Bh-FV0UE1wORnbo8TSEUDeCIXXZGi7znNT6zUdoIgoNrMkV5Cuv4-rkvPZ3tST8_bCcsK8LXV5ytdBv7ecYjnx0XFFGEXQ_fkxTBDXM3C_S9ODQ3K5C3El-BO7CJxD8H3taPGIX90AsVlaWeuc-CW0YBASw0Kt1nuKbfmn_otaYQ_HJNR9NfGPijyPxBeqrwCOb8-zEvkWAKAmf-DxIl3TfEnNyc9R8MStfWgzCG5sF03j95LEyQoXXTD6Q0gGxC8_wRYQy8n65aCq0EBLXGjGMATx92j2BxWahT7uRTyv0u360zDh_tjEsp8lFg9-GEzMbeNdWU7uyZgYaxPCBC7YOnitad4A2p-PW2XOt4370IA5xJ2ygqfiooUWGy3cxztFISsBw4UpJxhHbw_fiK5dBzM0PqSKntvuBbr8_x9qBRaF_SFV65nKsu-BSMxJbIkDnRMjPWvcl6g2ZUjqxFBRlA3SFGHAS4TyIRWfxhDV3BJggYMHMSSKqd0HYx6JIW04Y1zlTTz53K8WG7Yz_Ivr_GdR2p2lio49tYjB9Xd_fUF2Vkia-9scGNzgdznLFZ3qEUbQFARKKsHtY5k6a_mxqnA7HPLbSyWQ0G8kahWtKRgn6T28TQPtsl5qZAPpWZkKKfMQAXjACAHO4oeuFD_XkpC92O5fEnktCCRcQcBtbjUDT2YS24UnJbcSjNW3nYqRUdR7RqRjGw4hrAyd1dGS3qkow0wajuTtnzOh4FOFAVA_vmepbT01GdnF0k9pGCad5xbqi5Gk6CbVyFJfufd0JAKcb6LTBe2YjyPkK0H4qOcBffYeCq74M76PikUJYNpW43WpNkOziQM0K8tFs4E0CPmxx6JkzBV2xZJAGaDd44eBwngz4drUSEHIoEIKHKxa7qZHlqJylynE5yOEeUTvmZocP-FzPxof588VUahJJGESSBueCT2aQCYzV4l9gt69liHFpwjaNxt5AmB_Iwol1PG0VU3nm5l4qRG8qXDfkY8OLY1nFr_oXZuSbxv-03fKz40BBaTrxl3FO7zuwiscWVVbpSHSpONSFC6XR0QAXXYA4rKN73aRXOCphI8QiDWHb4jykWqP7OVHhXkQMxq1fBIgwoGe-P32e2W1l48zJnyicbDaP97lWu7wnPsCEIWef9jLdxcEJNayLDqLbd_95VY7GqWD90-YrvW_7yjbYRVK3kpfZv4NPXlST9YRZhWrHsgRhXZ2hKHby3vPF8PNhScVaEKflPYZ-qJcD2HFKoRllqsXuhsqwe44COJwGYtUU7hTC9a_Z8Tv58yPzfTjI9PgUWtmLGNjDlXoDVYZZsOaZrLfOEgN9gmgwMT7-fJjPIK1RHwCaO0g1IsA4Oq-gMGE5M-r5BskZLL3-P-GQxG072rdjqhWOp-20m1Ur8OdLzJXze5OM8oZ3jd2r1GYOLPCLrmgY1p1mwC3NDDvYuSLhhPjC6DRzLWUTzQhXo1iqqrcORPAa385A4kJNAPGgHpaS5lcTDBjbdpeLLTLaXminYYgziT9QRAOBoosbTa7W4_j7JuP3nmy20QhrQOvm6Xp_nO0rZwXJUGFn4ppjlsL_TmocmP_4gNFrDmPvyZUKS2bbXagNQjRo8ncrz-A7j0byBSgGR2JbcTXVBJDaNzspHcOsJB-c64_T7A3bjEQ6IxwLYzb7a1bYY6lOPop8Mdk09LM5MXeAdJFOM2vR1U19cYZ8g0JyvNK5DHxwYpfg1H_crHDHRfoR0h8a69uDe9ulH9NlwJsZEUL2m_j61-jdE9nHKyiGMdVKnlTYFIlVNjGWFHiMLhL-wD8C6-kYUVbZwPjuCcH00SXYw5qcb9pgr3INMzrLQRzI6l43rdkReS1VsDFUgSQ5RlQtUcjVIvK_RE6ofsWzUt5DlsB_AEXTXgE8u4Ysf7sHD4N228FmX7Bl9brR-pZ1RWt8YVEMzY_P-AsfogHJAgbDrPPz-MLsONgspUHKlYTbA3ll4VAvATaKR6UDa_Axm4wuCFTlZKRb9XmT3s0jF-Ci6buBxl-yQWvien0TyURVgktToqNNFdSD-1MpHRTm25M2I-6v64zDrbsw4_hTkB177xZy9r-l1NTbXxWsg9e3_luKnpRXRoJD7vuCCbx777Dq1iQNRC7r-fBZo2t1sLZZNpuSapEllfJzAEqoZGJcidtjEGUOPuU5ZxRpFpr4lYufB99VDseuFJHVKqbzpNkk8KX1vY5XjIVoTo74WdYhnpKY5keusIKYwYMZgMx54_UlrcAc_IARwq3Gdpa_dOl2AE1ZtxGfYPsXgIgNVabT3AL3wNLgB7SNdZ6A98BdV6HMdZ9_-5zZ5mmMACJf0qE1yZ7fCWQH1kwKeoxJEDHOGOU7XDc6SfFkDSYiHubLBjfkpFjbS0q9paZKp-pf-bcAlFAbryGIfAoy3vzMD90WjWWVNH5S2bQh_Wehq995OIlcQHTou28K-y4g7Gs8Dl5ELcGfzbrZiyCjhjkWfjQ4Yp0fKXOJdUydHN_ErTf_6RCutlvPYwEaINp03d7WfhSPcXER8DUzkPR4_eMgAHufT_25b7GOaMYwl2f-uWgpAQwwBPJ2aIZacaK0wJ8wBYpnU6WuXb68trHG2U20Tr_bI4awCTU7cSQlDoBpSLl2WaOPjBcgBFmjs4En2sE9oZHJJCa8yQ-7_EFNg6sjDU1BcXAEHw6F3COOnDkW3KAx1Q-Gq6_dlUidHBuRusRB6SmVX6YJyAX6Fe4Vw3Ghjnxvaakt19SF2d_TJjmG_r-rOPJdGgQD4JfKYJhdrHPE9NZes59FsnB6MzdEVwLtD67mrhEMpadSEk4M5jTqIOKr_DZOpYHS8iNmV4S_jd_l4GdXLqHn5PhsWD3R88OVcs_VMS7tDEbDip18A8dqQ1Qxi1dbgkz9QE5vzat2hp2qu5HvApvuGS0kanFq6LjAdnBweQ3lvrdaCDvVTH39yT9kIbQVKVhsc4AQHVq14CpQsDIx5CvVJtDBgHYWCnfzKYykqW-1kO7mbvxE94XAj9emYJ4yEShQ7tw3gyNxse3-ifcPOmP0u27WvtwYrJKC0UQFeyvFXLk369gcmnFxzcGCU9S7VEF_R2UnV0Reb3LYcF3wYfrXvVz19Sci8pLD8ptfJZr1ytjIHWn7ybSXvAq9d0dUP8kPIF5UoAWyvrbReWAzDnFSoo0azWdbKtfDJcxyU-IkRDC_mkrjI4STF3GuT3YNjtxCSCcxeHKqim7jVYNkxcNarOCl8qkJbQR-ZGM2nmkv9Xubv4FZOPWq48MTQDsdFayp3Cm9pPw1l4f7O9tImqFCGu5FgANNh4L236k3lzepvbPmmAXGQtsH_F61dNdMPngzSJHe0aMckl2VFfbt3iyS40FMQPt__MZbqQtjrCnDwRW99nLCKh5QyJhbI4lQlrPaFvwAexQ8Jabj4WiuhKmw61nXS63rr3bHIws3Nhy7ukKv9XU-3KndV1Wj_zgB30AAVbT8a2N8r8-QDUaHMZI4G3Upiz0qbmvm8BMrPJPZN8Spi_6xfd2l-ACO9tNn5NNwjrH7DVBwJnVQpOZF9PRpEY7znYMnl9iKvVrIoo9CknzVo7E9CyRM2TrHv-rDDaTYBiq_yvb2_IW_W_gTw6excEG8CWlMz7W4KFFOxYpjolmE90EwlB00EOBatIdBd1Md4c-ItULxL_rDdROWflVX2uY3YaQud7ZSmGXUjbeJyWpSDwCWZhJleoFXVxUfGu0YKUwp1eSJRNZFhLx1UYM_GLatIN15WSvMvXmhKRYPmy7H2CGAJD-tkE_DRkDuj4c8pUufXxvlRyzxrYXuZCwMDNdHABe6g15uTJZhxuI2wmGn-9nPWATB5hXaYu13nTC_rIxegcdbft5ouFxN_hybbsMYIZznBubj4BLbHLVPFMAVEnYC_GekoSQcgTjtem289ksgVh5ufYAwyKVm5LUEqUJo5_6iELXfcPTZaw1fILMcgDOn81N731dXazylsUg0emOl4zQDEP6mxZAzv6wBVTUuZh-yBiwfz__blVDxn1QPLYjv--Mc-k8wLqgHYcFzsIZO2thAZ785pi055LdIbILXfm4bZDgu1PdsVJp6BNvKpk0SULBFY11X6IV8bbOGkEIBBI7AC8eF_-El-w2lFwdExplGWWneS0uOwf-jri7EscdY3u41PpYUGbb-o6Qav84oVuQanqXuKJ-ynj0mYQYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1015139120&ias_pubId=pub-8828587149473437&ias_chanId=1&ias_placementId=20855602476&bidurl=https://revistagalileu.globo.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0ic6NfWVbFaa9IAQQA2zvjX&adsafe_url=https%3A%2F%2Frevistagalileu.globo.com&adsafe_type=y&adsafe_url=https%3A%2F%2Frevistagalileu.globo.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:975841e1-4625-d8bc-444b-781277f881a6,c:1IDDbg,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-hh8wn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:eudisney1,mtim:2,mot:0,app:0,maw:0,fm:u1MsPRf+11%7C121%7C122%7C123%7C13%7C141%7C142%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c1%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1f*.1806749-77544531%7C1f1%7C1g,idMap:1f*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:14,oid:1f52a752-b685-11ee-9bb9-36c1cb0d2b6a,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_970x250.js

Request Chain 417

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM1GYKYJ8KIXZEcONv4xYNw&google_cver=1&google_push=AXcoOmRohCiSb9GY-nrQvUvMxluZf2xl_I-trhOoN9paRZL4sTFqjjXL_mH4H01BBsIJEexS3RKjRG6p6Mo3uOqXOWouDE-uXuYFDA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM1GYKYJ8KIXZEcONv4xYNw&google_hm=Zan9pREV6gV7G2XaGiiqFAAADHsAAAAB&google_nid=index&google_push=AXcoOmRohCiSb9GY-nrQvUvMxluZf2xl_I-trhOoN9paRZL4sTFqjjXL_mH4H01BBsIJEexS3RKjRG6p6Mo3uOqXOWouDE-uXuYFDA

Request Chain 418

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEK8BhczH6U_vAr5JWAAQ0J4&google_cver=1&google_push=AXcoOmT51EjwhIGW2YlxR2GXP37bo0u7kMCZXCZ80rkO8nC8H7RiiSzyTJd63hta85fFHteFuAHVQYUdcMaDRlzHdNWDlY6afGGUAQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT51EjwhIGW2YlxR2GXP37bo0u7kMCZXCZ80rkO8nC8H7RiiSzyTJd63hta85fFHteFuAHVQYUdcMaDRlzHdNWDlY6afGGUAQ

Request Chain 419

https://sync.inmobi.com/gob?google_gid=CAESEAd0cXB1kG0nXbOBZQFkQwY&google_cver=1&google_push=AXcoOmQHdrfBPJySsAlzkZv7QxIF5vgt7ocg4GXJWJZFpR9IIYzTzSJm__lW6QbRP8ifDi-DAjlAmzL7wBL2XnqDu0SrAzJe4aLmf7E HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQHdrfBPJySsAlzkZv7QxIF5vgt7ocg4GXJWJZFpR9IIYzTzSJm__lW6QbRP8ifDi-DAjlAmzL7wBL2XnqDu0SrAzJe4aLmf7E

Request Chain 420

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBU9PNfnA7cDhGf89LU8xKg&google_cver=1&google_push=AXcoOmTYPDV_nU21nclOyacBw50sNp3m_Hq3PROEtnFn6kgRg_MVENCP8z5IJBzWgnQ2th8itaQm0Q0tiTONRMqqcZWU7DKRUON_J00 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2Mjk3MjEyNzU5Mzk2NTA1Mw%3D%3D&google_gid=CAESEBU9PNfnA7cDhGf89LU8xKg&google_cver=1&google_push=AXcoOmTYPDV_nU21nclOyacBw50sNp3m_Hq3PROEtnFn6kgRg_MVENCP8z5IJBzWgnQ2th8itaQm0Q0tiTONRMqqcZWU7DKRUON_J00

Request Chain 445

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Request Chain 447

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=714817281443e1daacbca339ceac1e&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 510

https://gum.criteo.com/sid/json?origin=publishertag&domain=globo.com&sn=ChromeSyncframe&so=3&topUrl=revistagalileu.globo.com&bundle=mXihpV9yT1dJWmdPVUZNRTR4NElINUV5dGJ6MG9veFpQVXpIMVRqTzFmV3o3Q0FOcmc1RXB4cUs0NURIWU9zNHBnWWR2YUplRlpYRDBPa1oxc2h6ZHBnUWV3czZWRmZtbiUyQkdZZkJNUWJzQzhPb0syZ294dlFwdWtHWUVDR3pkVXhxMktnOE9qeGlhREJPcTJOenhRYjNidTV6ZyUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=juayEnxxclZMbitlYkdsWUlhS2pDVzFDSTVLamV1T1hMUjZDb1dLOEFlMmFwa2dacFUwWWxzcDdhUC85TjZMR2dId3l0M0JPMFRpc3g3WlVGaDlxQVVsbFhpck5kL0JCTXR0bFpIV1F4Y3V0Y1dzbjV2UU5US2lBZ2JoZ0Y3eE1CM2kxR1oxUGVsaTN3Yy9MT0ZDak1SYUsyRU1nZ05DZXNUNTN1UStlY0hKZHhJMXVWTndYVy9MSW8xRi94ZVh5RzFoUk9oVTM1SmxDSHU2QUN1b3pRNGFqbG5vN21Ta1JWT1d0QmRsL1d4ZmFpTnpvNUdaeFd5RWo1eVVuZCs5alp1SUpsa0N2bk1oSFF5cnd6cVl1UWxCZVNvVWQxbmhER1J4eHAzNXlRa1luc1JQZz18&cppv=2

700 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
revistagalileu.globo.com/
Redirect Chain

http://revistagalileu.globo.com/
https://revistagalileu.globo.com/

463 KB
88 KB

722ms
264ms

Document
text/html

201.7.177.250
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

201.7.177.250 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

0ee946d183195f612c831375e931a39e7ad2413bc8ef83fe6b333ee12931f39b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=10
content-encoding: gzip
content-length: 89902
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 04:42:10 GMT
expires: Fri, 19 Jan 2024 04:42:20 GMT
show-page-version: 0
vary: X-Forwarded-Proto, User-Agent, Accept-Encoding
via: 2.0 CachOS
wall-blocked-session: 0
wall-subscription-level: 0
wall-usl-status
x-bip: 400574132 cmah19lx40ca03.globoi.com
x-cache-status: MISS
x-content-type-options: nosniff
x-location-rule: homes
x-mobile: desktop
x-request-id: 4173a476-289a-4ef9-a25e-1cfebb77f2a4
x-served-from: rpaas-multi-domain-edg2-prod, Show Services GCP
x-thanos: 0A819C85
x-virtual-host: revistagalileu.globo.com
x-xss-protection: 1; mode=block

Redirect headers

Age: 0
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 19 Jan 2024 04:42:09 GMT
Location: https://revistagalileu.globo.com/
Vary: X-Forwarded-Proto, User-Agent
Via: 2.0 CachOS
Wall-Blocked-Session: 0
Wall-Subscription-Level: 0
Wall-Usl-Status
X-Bip: 99021142 cmah19lx40ca01.globoi.com
X-Content-Type-Options: nosniff
X-Mobile: desktop
X-Request-Id: 23686dbe854053a44e996c08f4c5fdfb
X-Served-From: rpaas-multi-domain-edg2-prod
X-Virtual-Host: revistagalileu.globo.com
X-XSS-Protection: 1; mode=block

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 100 KB
30 KB 89ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

867443e84ec298e6c3b3009a7fdf5dff345332703b635efbf2407f75d29f0d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30285
x-xss-protection: 0
server: cafe
etag: 712 / 19741 / m202401110101 / config-hash: 4827389799172652304
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 04:42:10 GMT

GET
H2 200 lib-pub-relay-galileu-latest.js Show response
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/galileu/prod/ 2 KB
1 KB 1151ms
450ms Script
application/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/galileu/prod/lib-pub-relay-galileu-latest.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 858683a11966c02a6e8ae8e1f0b6438c243f9994a1376836f9a4b75a5b355c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:11 GMT
content-encoding: gzip
x-openstack-request-id: tx5b452585621b487582a63-0065a9fda3
last-modified: Fri, 18 Aug 2023 21:17:37 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1692392185.000000
content-type: application/javascript
x-timestamp: 1692393456.48834
cache-control: public, max-age=180
x-trans-id: tx5b452585621b487582a63-0065a9fda3
x-request-id: 490fc1e2-fb3f-4216-b095-66a5c413b703

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
2 KB 56ms
21ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 04:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 03:10:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 04:42:10 GMT

GET
H2 200 tiny.js Show response
static.infoglobo.com.br/paywall/js/ 270 KB
72 KB 697ms
219ms Script
application/javascript 34.151.224.123
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 123.224.151.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f9309b9d87fcd6073801d10f89047c2e4466e566abeb77767a30fb9f946dc05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-location-rule: static - tiny.js
date: Fri, 19 Jan 2024 04:42:12 GMT
content-encoding: gzip
x-openstack-request-id: txc6763fc9a0fb49fc90fe3-0065a29f77
x-cache-status: HIT
supportspointer: true
x-trans-id: txc6763fc9a0fb49fc90fe3-0065a29f77
x-request-id: 99169f564b02a92e1365708f22f42fe8
last-modified: Tue, 09 Jan 2024 14:24:41 GMT
vary: Accept-Encoding, Origin
x-served-from: infoglobo-router-gcp
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-timestamp: 1704810280.42202
cache-control: max-age=600
charset: utf-8
expires: Sat, 13 Jan 2024 14:46:31 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 103 B
617 B 35ms
7ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Jan 2024 04:42:10 GMT
age: 2644181
detected-user-agent: Chrome Mobile/120.0.0
server-timing: HIT, fastly;desc="Edge time";dur=0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/120.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 glide.js Show response
s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/public_assets/ 23 KB
8 KB 1149ms
449ms Script
text/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/public_assets/glide.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: f7ab917c78e9a4eaacd4df4ac7ed66b415576f37b58336b390bd5e450d359ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:11 GMT
content-encoding: gzip
x-openstack-request-id: txca1f3b6236f74b36ba706-0065a9fd07
last-modified: Mon, 12 Dec 2022 20:41:46 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1670877705.18812
cache-control: public, max-age=180
x-trans-id: txca1f3b6236f74b36ba706-0065a9fd07
x-request-id: a3c544cf-0aaf-4db5-85af-2dbf05facca8

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
814 B 56ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;500;600;700&display=swap

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 04:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 03:42:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 04:42:10 GMT

GET
H2 200 lgpd-lib.min.css
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 11 KB
2 KB 925ms
225ms Stylesheet
text/css 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.css
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 507acc179bfa7c929b83831d028f83b5fa85a02c9426588657ece1da51ae6b43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:11 GMT
content-encoding: gzip
x-openstack-request-id: txc80941831c0b434d877b1-0065a96aed
last-modified: Mon, 09 Jan 2023 17:51:24 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: text/css; charset=utf-8
x-timestamp: 1673286683.73068
cache-control: public, max-age=86400
x-trans-id: txc80941831c0b434d877b1-0065a96aed
x-request-id: a604fb0a-a942-4196-a8f0-9b8a4951320d

GET
H2 200 polyfill.min.js
cdn.polyfill.io/v2/ 103 B
192 B 8ms
7ms Other
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Jan 2024 04:42:11 GMT
age: 2644182
detected-user-agent: Chrome Mobile/120.0.0
server-timing: HIT, fastly;desc="Edge time";dur=0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/120.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/ 430 KB
136 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8730aafbdb6d03c6d4a37f76ebf8d504d5706fbae56686399a4b198981a0b6be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:29:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36773
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138464
x-xss-protection: 0
server: cafe
etag: 13337571285874554267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 17 Jan 2025 18:29:18 GMT

GET
H2 200 barra-globocom.min.css
barra.globo.com/gl/ba/oidcprodutos/css/ 22 KB
5 KB 1506ms
225ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-location-rule: barra-legado
date: Fri, 19 Jan 2024 04:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 485632959 ra03 11 08
age: 134
x-cache-status: HIT
x-goog-meta-x-goog-reserved-source-generation: 1669739324870000
content-length: 4317
x-xss-protection: 1; mode=block
x-request-id: c41f87c5-e5f2-4e39-90e7-d03006b0cffd
last-modified: Fri, 02 Jun 2023 19:14:58 GMT
x-thanos: 0AB1D01A
etag: W/"c580509368f67b01edaa2d4f8057bbbe"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/css; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 19 Jan 2024 04:44:57 GMT

GET
H2 200 map-of-suspected-ice-at-mars-s-equator-pillars.jpg
s2-galileu.glbimg.com/MD-Iqz323n5h-eR1_Vzaq65-Gbg=/0x0:2475x1080/1200x600/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/6/C/pjWTwUTzyTkd... 117 KB
117 KB 2230ms
803ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/MD-Iqz323n5h-eR1_Vzaq65-Gbg=/0x0:2475x1080/1200x600/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/6/C/pjWTwUTzyTkd5OuAl0kQ/map-of-suspected-ice-at-mars-s-equator-pillars.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: db4754d31dce8cb57f3465ae442079e67cec3bb6937909a4e69f8bfa00bec548

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:47 GMT
via: 2.0 CachOS
x-bip: 485447616 ra01 14 03 02
age: 31009
x-cache-server: thumbor/nginx-cache
content-length: 119746
x-cached: HIT
x-request-id: f850bc90-614b-4bf9-8750-56290423b425
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "de5019045136aa3023aae87217d830b768ae192b"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 17 Feb 2024 20:04:50 GMT

GET
H2 200 iconmonstr-facebook-4.png
s2.glbimg.com/cWoapOrMUnm2vH1lMTz98FEIsIg=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/1/k/iEdWZ6REWbWitZMzs7nA/ 40 KB
41 KB 2212ms
916ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/cWoapOrMUnm2vH1lMTz98FEIsIg=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/1/k/iEdWZ6REWbWitZMzs7nA/iconmonstr-facebook-4.png
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 41bf4686e95c371d9a68dd5f0258dad3e3c881e4916170c5bc4c9e6818a2ac17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:47 GMT
via: 2.0 CachOS
x-bip: 488191861 ra01 14 03 02
age: 534172
x-cache-server: thumbor/nginx-cache
content-length: 41192
x-cached: HIT
x-request-id: 837ec9b1-0eec-4b10-95ff-63e301c1c44e
x-forwarded-host: s2.glbimg.com
x-thanos: 0AB0D090
etag: "2fc1e52c8b38cf3d065f75a92c457b1b0815f9ad"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sun, 11 Feb 2024 22:18:56 GMT

GET
H2 200 iconmonstr-instagram-14.png
s2.glbimg.com/qS63JeGctexNDoaWELdqKXI_iAE=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/g/h/X5MruuTqqsE7o1aNrwmg/ 60 KB
61 KB 2211ms
914ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/qS63JeGctexNDoaWELdqKXI_iAE=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/g/h/X5MruuTqqsE7o1aNrwmg/iconmonstr-instagram-14.png
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: dbb8a07ee2515780441105ea9114506a727116bccadf6094dfaa48ed01587bd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:47 GMT
via: 2.0 CachOS
x-bip: 1052670454 ra01 14 03 02
age: 534172
x-cache-server: thumbor/nginx-cache
content-length: 61774
x-cached: HIT
x-request-id: d15c0514-adbd-4bc3-bd6b-f5a73dc0ccd7
x-forwarded-host: s2.glbimg.com
x-thanos: 0AB0D090
etag: "efa9b62744dbdb7de0afca5ac688820649dc30e0"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sun, 11 Feb 2024 22:18:56 GMT

GET
H2 200 iconmonstr-twitter-4.png
s2.glbimg.com/GyyC_wi5q5wGjryLapOZInBBxO4=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/r/R/sQZuaWQUWUXFMEAK7yCA/ 71 KB
71 KB 800ms
226ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/GyyC_wi5q5wGjryLapOZInBBxO4=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/r/R/sQZuaWQUWUXFMEAK7yCA/iconmonstr-twitter-4.png
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 585ac96a5411bbc137440554c2c1ede75f336ca229e7dceec92554d53f65fa79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:47 GMT
via: 2.0 CachOS
x-bip: 486849318 ra01 14 03 02
age: 534172
x-cache-server: thumbor/nginx-cache
content-length: 72512
x-cached: HIT
x-request-id: 5b4c40c1-f671-4b52-beea-5822fa74ea82
x-forwarded-host: s2.glbimg.com
x-thanos: 0AB0D090
etag: "97d09318c3c218be958fe9cc15dbea581a8bb36c"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sun, 11 Feb 2024 22:18:56 GMT

GET
H2 200 tiktopicon.png
s2.glbimg.com/L8HrAisRwQDFAGsQXGFJwJbcixY=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/j/M/Vr3i66RJS8SIPFj5J8mw/ 18 KB
18 KB 1489ms
915ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/L8HrAisRwQDFAGsQXGFJwJbcixY=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/j/M/Vr3i66RJS8SIPFj5J8mw/tiktopicon.png
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 6e92c5db60dfbacd8761bc9e07f287f29236d36c4c00cdb23f1a3e97be900564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:47 GMT
via: 2.0 CachOS
x-bip: 485447613 ra01 14 03 02
age: 534172
x-cache-server: thumbor/nginx-cache
content-length: 18446
x-cached: HIT
x-request-id: 668e6ab8-250f-4e18-a6f2-9a4e9a383792
x-forwarded-host: s2.glbimg.com
x-thanos: 0AB0D090
etag: "ecdd2ecf011647ab86561f7b929872eb9fc47ac5"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sun, 11 Feb 2024 22:18:56 GMT

GET
H2 200 icon-ionic-logo-pinterest.png
s2.glbimg.com/1GW9yKA_K9A-kyBQIaEr1lKMkRw=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/4/Q/cfVkBKSTGNaDoUvR0iSg/ 52 KB
53 KB 1489ms
915ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/1GW9yKA_K9A-kyBQIaEr1lKMkRw=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/4/Q/cfVkBKSTGNaDoUvR0iSg/icon-ionic-logo-pinterest.png
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 210386e617b9dc6c08f6e7ac33b4339a900e42a48f8e19554f220db1bfb8f50c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:47 GMT
via: 2.0 CachOS
x-bip: 389532502 ra01 14 03 02
age: 534172
x-cache-server: thumbor/nginx-cache
content-length: 53678
x-cached: HIT
x-request-id: 20598e99-56b8-4a89-979d-9107873d2866
x-forwarded-host: s2.glbimg.com
x-thanos: 0AB0D090
etag: "1bcd30b8afb631600038bfe516a5ad6eba12a926"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sun, 11 Feb 2024 22:40:00 GMT

GET
H2 200 iconmonstr-youtube-9.png
s2.glbimg.com/JcfnFxnZtZgIsXo_jPmdEvegtYI=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/a/x/LJ93FJR92ZCXoCnVP8Yw/ 57 KB
57 KB 1488ms
916ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/JcfnFxnZtZgIsXo_jPmdEvegtYI=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/a/x/LJ93FJR92ZCXoCnVP8Yw/iconmonstr-youtube-9.png
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: f39b0751b3838eeb4af072e5527745e762e8024eaa29514e855fb4dac78ab5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:47 GMT
via: 2.0 CachOS
x-bip: 489455779 ra01 14 03 02
age: 534172
x-cache-server: thumbor/nginx-cache
content-length: 57934
x-cached: HIT
x-request-id: 72e65e24-b824-4512-895d-a3cd494d7c0c
x-forwarded-host: s2.glbimg.com
x-thanos: 0AB0D090
etag: "dbf71c2adbffe82072a3da12faa12a81e00a9acd"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sun, 11 Feb 2024 22:35:06 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 45ms
17ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:11 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2745
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 847c68df2aaa373d-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 22 Jan 2024 04:42:11 GMT

GET
H2 200 element-tracker.min.js Show response
s3.glbimg.com/cdn/libs/element-tracker/1.2.1/ 2 KB
1 KB 227ms
225ms Script
application/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/element-tracker/1.2.1/element-tracker.min.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 6b37c75dbc0ad1368622265600d903b3cf22d7dc64e6bdd07959c4a88c0474e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:11 GMT
content-encoding: gzip
x-openstack-request-id: tx087e2ea371fc45f9bee87-0065a96af0
last-modified: Mon, 20 Jun 2022 18:57:02 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1655751421.54746
cache-control: public, max-age=155520000
x-trans-id: tx087e2ea371fc45f9bee87-0065a96af0
x-request-id: fd0aced5-ec0f-43d2-b4a4-ba8c5cab2d1a

GET
H2 200 jquery.min.js Show response
s3.glbimg.com/cdn/libs/jquery/1.8.3/ 91 KB
38 KB 229ms
227ms Script
application/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:11 GMT
content-encoding: gzip
x-openstack-request-id: tx8d350b39cec44c4d92f53-0065a96af2
last-modified: Tue, 09 Oct 2018 19:06:54 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1539112013.52960
cache-control: max-age=31536000
x-trans-id: tx8d350b39cec44c4d92f53-0065a96af2
x-request-id: 259a9ac2-c5a3-4c8f-9509-ba9d9b3022b3

GET
H2 200 lgpd-lib.min.js Show response
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 46 KB
15 KB 458ms
456ms Script
application/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: ec0d8435d5d30bc297e0b2db3f87fe8fc998b3440d56f33205e702c57a84443d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:11 GMT
content-encoding: gzip
x-openstack-request-id: tx230d84ec4f5d47a986e1c-0065a96aed
last-modified: Mon, 09 Jan 2023 17:51:24 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-timestamp: 1673286683.73565
cache-control: public, max-age=86400
x-trans-id: tx230d84ec4f5d47a986e1c-0065a96aed
x-request-id: 3f288867-b4cd-488a-8a9c-c4fa526a75ff

GET
H2 200 3efac754de48beab3d6856c94bd81c7c.js Show response
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 266 KB
91 KB 903ms
452ms Script
text/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3efac754de48beab3d6856c94bd81c7c.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: e7b46092fe3caa03c8ef57a96bc6645ff76473cfb84d67498e5e160232e64dc3

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:12 GMT
content-encoding: gzip
x-openstack-request-id: tx1fc0e969c0a147c3a44ec-0065a5a74e
content-length: 92331
x-trans-id: tx1fc0e969c0a147c3a44ec-0065a5a74e
x-request-id: f4787235-e000-4c18-88cf-c054610098a6
last-modified: Mon, 14 Aug 2023 14:58:42 GMT
x-thanos: 0AB24047
etag: cbec02b20099221c71bfa6c2eb5cc08f
vary: Accept-Encoding, Origin
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp: 1692025121.97745
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 6dc90b0abd29710d456cf3a4a00460b0.css
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 7 KB
3 KB 678ms
228ms Stylesheet
text/css 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/6dc90b0abd29710d456cf3a4a00460b0.css
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 6a85e2cc5c1ed85af71770f23a2b1dba898cbae03207c50bec5b4a8c6c8e27ed

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:12 GMT
content-encoding: gzip
x-openstack-request-id: tx6ee63aaf87ea4612b3608-0065a93c8d
content-length: 2562
x-trans-id: tx6ee63aaf87ea4612b3608-0065a93c8d
x-request-id: 0c920604-4290-44cc-a7f7-2dc2353b2155
last-modified: Fri, 05 Aug 2022 17:32:39 GMT
x-thanos: 0AB24047
etag: add3b553b6a28ac905fc2974837fc0ea
vary: Accept-Encoding, Origin
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp: 1659720758.42773
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 lib-pub-core-galileu-latest.js Show response
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/galileu/prod/ 55 KB
15 KB 456ms
456ms Script
application/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/galileu/prod/lib-pub-core-galileu-latest.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/galileu/prod/lib-pub-relay-galileu-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 9e535ddc1581b9d523dcb42e237101bfcd89efdc3398a076a421ff782b0544ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:11 GMT
content-encoding: gzip
x-openstack-request-id: tx893c0719c02643bdb8a73-0065a9fda3
last-modified: Thu, 21 Dec 2023 19:15:14 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1703185840.000000
content-type: application/javascript
x-timestamp: 1703186113.56961
cache-control: public, max-age=180
x-trans-id: tx893c0719c02643bdb8a73-0065a9fda3
x-request-id: dc1e24d4-0c6f-4097-8b22-5b5dfd27ce4f

GET
H2 200 15688_galileu.js Show response
ads.rubiconproject.com/prebid/ 417 KB
132 KB 117ms
9ms Script
text/javascript 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/galileu/prod/lib-pub-core-galileu-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash: a0065362396bca2ceb0618c832c6ef4392fbfc5c6e81f104531fbfa4c34a65a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:12 GMT
content-encoding: gzip
last-modified: Fri, 19 Jan 2024 03:40:32 GMT
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 134624
expires: Fri, 19 Jan 2024 07:50:30 GMT

GET
H2 200 publicidade.css
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/css/prod/ 4 KB
1 KB 227ms
227ms Stylesheet
text/css 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/css/prod/publicidade.css
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/galileu/prod/lib-pub-core-galileu-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:12 GMT
content-encoding: gzip
x-openstack-request-id: txc9efe761c91f4c18a40c3-0065a9fd00
last-modified: Wed, 13 Sep 2023 18:42:19 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1694630538.09953
cache-control: public, max-age=180
x-trans-id: txc9efe761c91f4c18a40c3-0065a9fd00
x-request-id: 582ae9e0-f8e8-4c67-8ab6-6bbd57e3e242

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 37ms
21ms Fetch
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240119

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

152d0e416615dd7eba52435b266c57f36fcb12d21c51b27aac49c1c5a5b6da7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2478
x-jsd-version: 1.0.1939
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21975-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"633-PC9sQMwIXLIqBtCtDoqauLfdSWU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BwPcfmHRN0l5K%2FXkLdRBltYD22dg53nvMis%2BlAE%2BofOy4eFIlFnF2apXLw1MXwoQ70wyxWKnbMag9C9JfKj0Zq1WuFc6B%2B9q5pgKvt%2Bzfl6nMQ2zpbxzGduwKEx0oovh3XzQT894TiB0U0TqOo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 847c68e30e7e1e51-FRA

GET
DATA 200
OK truncated
/ 194 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a9a9405da89d4a9d225dd74b87b0011415b870ea2e8a5a239d369dde3c78bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 regular.woff2
s3.glbimg.com/cdn/fonts/opensans/ 10 KB
11 KB 467ms
466ms Font
application/octet-stream 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/regular.woff2
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:12 GMT
x-openstack-request-id: txb8cc634cbacb4941a7a50-0065315f8e
last-modified: Tue, 25 Jun 2019 17:36:35 GMT
x-thanos: 0AB24047
etag: 4124088fdd8c315a6d096b65b6cbf428
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484194.26376
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 10352
x-trans-id: txb8cc634cbacb4941a7a50-0065315f8e
x-request-id: cbf77849-c450-4722-838f-9d4629bb466a

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 53ms
17ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:10:14 GMT
x-content-type-options: nosniff
age: 243118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 09:10:14 GMT

GET
H2 200 bold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 10 KB
11 KB 467ms
466ms Font
application/octet-stream 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:12 GMT
x-openstack-request-id: tx3cc804480bf24996b51d1-0065315f8e
last-modified: Tue, 25 Jun 2019 17:35:22 GMT
x-thanos: 0AB24047
etag: 8593a5a07cf620d4512fcb71cbcd07a6
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484121.35690
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 10284
x-trans-id: tx3cc804480bf24996b51d1-0065315f8e
x-request-id: c86ea076-033d-4b3c-aa98-8934c13701f3

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 49ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 09:30:09 GMT
x-content-type-options: nosniff
age: 155523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 09:30:09 GMT

GET
H2 200 semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 16 KB
16 KB 467ms
467ms Font
application/font-woff2 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:12 GMT
x-openstack-request-id: tx6db018060f5d44f4bcd71-0065315f8e
last-modified: Tue, 25 Jun 2019 17:36:47 GMT
x-thanos: 0AB24047
etag: 365c53275ca5dad1584b7e0bd3a46c1e
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484206.27623
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16172
x-trans-id: tx6db018060f5d44f4bcd71-0065315f8e
x-request-id: 66509eb1-f6ee-44d7-9b65-fdc5bbcb913a

GET
DATA 200
OK truncated
/ 436 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 507 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 opensans-light-webfont.woff
s.glbimg.com/gl/ba/fonts/ 20 KB
20 KB 704ms
241ms Font
font/woff 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/gl/ba/fonts/opensans-light-webfont.woff

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-location-rule: barra-legado
date: Fri, 19 Jan 2024 04:42:12 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 28504373 ra03 11 05
age: 0
x-cache-status: HIT
x-goog-meta-x-goog-reserved-source-generation: 1669739323813245
content-length: 20184
x-xss-protection: 1; mode=block
x-request-id: fd30b9cd-e31a-43d9-b3a2-1ab9df713370
last-modified: Thu, 04 May 2023 18:56:24 GMT
x-thanos: 0AB1D009
etag: "d6cc1c50b230a5c61bb684e07f3e0e98"
vary: Origin
x-served-from: estaticos-gcp-prod
content-type: font/woff
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 19 Jan 2024 04:47:12 GMT

GET
H2 200 barra-globocom.min.js Show response
s.glbimg.com/gl/ba/js/ 32 KB
11 KB 686ms
225ms Script
text/javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/gl/ba/js/barra-globocom.min.js

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-location-rule: barra-legado
date: Fri, 19 Jan 2024 04:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 480051098 ra03 11 05
age: 175
x-cache-status: HIT
x-goog-meta-x-goog-reserved-source-generation: 1669739323699742
content-length: 10597
x-xss-protection: 1; mode=block
x-request-id: fe89ad0b-a07e-4e2a-a6e3-52319caa9146
last-modified: Thu, 04 May 2023 18:56:23 GMT
x-thanos: 0AB1D009
etag: W/"1af9514851ffe9f801c5468a9d1206ac"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 19 Jan 2024 04:44:17 GMT

GET
DATA 200
OK truncated
/ 203 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62023892994a076b2eca66194011febfcc294b8cd41084bd243bd97492f1c365

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 204 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5fb71968c62c1e84aebf36c57c13a32cd43d2962a231708a5b0f8a1273d95ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 1.jpg
s2-galileu.glbimg.com/NAoimmjjBgjg5gLyFMj1tbveFUI=/0x0:1280x855/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/V/h/92JoNLQCWDxMBv... 16 KB
16 KB 805ms
803ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/NAoimmjjBgjg5gLyFMj1tbveFUI=/0x0:1280x855/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/V/h/92JoNLQCWDxMBvhu9kgA/1.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 2d88b01f29aa42bce44cac586f901521aa8ae39715157f5898cb517be12e2e69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:47 GMT
via: 2.0 CachOS
x-bip: 485447618 ra01 14 03 02
age: 31009
x-cache-server: thumbor/nginx-cache
content-length: 16070
x-cached: HIT
x-request-id: 89488126-47f2-43a5-b63f-9d739fb58369
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "895973c258186038823380bc895773e5bd1dd062"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 17 Feb 2024 19:50:17 GMT

GET
H2 200 drive-863123-1280.jpg
s2-galileu.glbimg.com/k2K0oYOTh2QYIR16jsdzzQZOMvk=/0x0:1280x853/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/B/g/gI2S2xQxuJ8xul... 11 KB
11 KB 805ms
803ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/k2K0oYOTh2QYIR16jsdzzQZOMvk=/0x0:1280x853/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/B/g/gI2S2xQxuJ8xul9B3ucw/drive-863123-1280.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: e3e1f815d1f2baa15b4c0060ca33981c1aedc30410e6fd54269d3df7dacd324f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:47 GMT
via: 2.0 CachOS
x-bip: 482409332 ra01 14 03 02
age: 31009
x-cache-server: thumbor/nginx-cache
content-length: 11249
x-cached: HIT
x-request-id: 591850f0-bff8-40d4-8769-a7aeca9ec1ec
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "d190dddee34cda52d19a182c74bf32655a18594e"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 17 Feb 2024 19:50:16 GMT

GET
H2 200 alvan-nee-t-0ew-sebse-unsplash.jpg
s2-galileu.glbimg.com/ndMSyFK-9grntzRAHNrf73iMMic=/0x0:1920x1282/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/S/O/nWJ5A7R52reOq... 12 KB
12 KB 913ms
913ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/ndMSyFK-9grntzRAHNrf73iMMic=/0x0:1920x1282/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/S/O/nWJ5A7R52reOqBRK32OQ/alvan-nee-t-0ew-sebse-unsplash.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 03ef6981e03fb356cc693b884356883c0d25a62141465d8068f6a95d3d41b31c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:47 GMT
via: 2.0 CachOS
x-bip: 489455789 ra01 14 03 02
age: 31010
x-cache-server: thumbor/nginx-cache
content-length: 11930
x-cached: HIT
x-request-id: 0e2505a7-13bd-49ee-ba65-6a61186dbf9c
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "bdd111847260415b49d1686f6ff48566726ab70f"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 17 Feb 2024 20:04:50 GMT

GET
H2 200 whatsapp-image-2024-01-03-francini-filho-992x558.jpeg
s2-galileu.glbimg.com/G0P7SPO5VQbiGl89HGmkQjyqbdk=/0x0:992x558/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/y/Z/tqAbmAT9qO8YKJH... 11 KB
12 KB 902ms
902ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/G0P7SPO5VQbiGl89HGmkQjyqbdk=/0x0:992x558/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/y/Z/tqAbmAT9qO8YKJH18v7Q/whatsapp-image-2024-01-03-francini-filho-992x558.jpeg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 3d35430cbc5f5d47878a9e4863ae8a7323a6f7eff15f961341ac35215cacfd54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:48 GMT
via: 2.0 CachOS
x-bip: 486162506 ra01 14 03 02
age: 31010
x-cache-server: thumbor/nginx-cache
content-length: 11533
x-cached: HIT
x-request-id: 8b808335-c95c-4332-bde4-8c5e1013eb4f
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "9d2b41d7d0d3e94bb6884cf71410833b013f16a0"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 17 Feb 2024 19:50:18 GMT

GET
H2 200 low-res-antechinus-mimetes-eating-its-dead-credit-elliott-bowerman.jpg
s2-galileu.glbimg.com/G7u6IPUPXZ7NdngCaAwyCnwZaqc=/0x0:700x562/500x280/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/g/W/lG6X82SN60rVnGC... 85 KB
86 KB 673ms
673ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/G7u6IPUPXZ7NdngCaAwyCnwZaqc=/0x0:700x562/500x280/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/g/W/lG6X82SN60rVnGCigMaw/low-res-antechinus-mimetes-eating-its-dead-credit-elliott-bowerman.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 2c3b6f49c70b516548420f7680c38239c0d551787dbf96a6a5108c91de8ab3b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:49 GMT
via: 2.0 CachOS
x-bip: 488972171 ra01 14 03 02
age: 31011
x-cache-server: thumbor/nginx-cache
content-length: 87121
x-cached: HIT
x-request-id: 710e0053-23f0-4228-8759-6b87594ddbe5
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "a9e9f3257a0dd850a38af7faeeb63dfa4dc77062"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 17 Feb 2024 20:04:50 GMT

GET
H2 200 pexels-polina-tankilevitch-4518583.jpg
s2-galileu.glbimg.com/SGZT0f1I2J4SC42FVGmpe4-hzxI=/0x0:3000x2000/300x159/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/Z/e/gxlnAURROBwTr... 10 KB
11 KB 798ms
798ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/SGZT0f1I2J4SC42FVGmpe4-hzxI=/0x0:3000x2000/300x159/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/Z/e/gxlnAURROBwTrJQeZSSw/pexels-polina-tankilevitch-4518583.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 6fd2f1ac788550f52e028edfb9b792841548b3e9e75cc4b34eac363ff15cf85a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:50 GMT
via: 2.0 CachOS
x-bip: 485971769 ra01 14 03 02
age: 31012
x-cache-server: thumbor/nginx-cache
content-length: 10544
x-cached: HIT
x-request-id: ab42163b-9dca-4448-86c2-c01479e6aab4
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "29861b206cd78501090de504b67dc9a44f5ae02c"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 17 Feb 2024 20:04:50 GMT

GET
H2 200 7aec40f7-45b8-4566-b17d-2ee9a544401a.jpg
s2-galileu.glbimg.com/rEl2qTOu_kLgimicLhWnDAwfXTQ=/0x0:700x525/100x100/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/I/4/CB7DtQTbONVQip2... 4 KB
4 KB 369ms
368ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/rEl2qTOu_kLgimicLhWnDAwfXTQ=/0x0:700x525/100x100/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/I/4/CB7DtQTbONVQip2uPlZg/7aec40f7-45b8-4566-b17d-2ee9a544401a.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 4fe68ab4fb5127e4f658de7ff18e0ae8b89c6f5673f60e4588ab52fbc46455cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 487380069 ra01 14 03 02
age: 31013
x-cache-server: thumbor/nginx-cache
content-length: 4017
x-cached: MISS
x-request-id: 9cb023cd-e83c-4af3-9d23-dad5dc882e8d
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "6bdeadac212e0f9b80914c27ef606803b457b28c"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 17 Feb 2024 20:05:23 GMT

GET
H2 200 big-ring-figure-2.xc40606d9.jpg
s2-galileu.glbimg.com/IwkOYJXvybNwubK9tHj9QoLmKQk=/0x0:740x551/100x100/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/m/P/yRW8gTTWmcjaI0C... 921 B
1 KB 385ms
385ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/IwkOYJXvybNwubK9tHj9QoLmKQk=/0x0:740x551/100x100/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/m/P/yRW8gTTWmcjaI0CuIbCw/big-ring-figure-2.xc40606d9.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 9e4531b9a55f15bf0bd5123a3eb9be0c88c1b0d42274e3a9710d48f87543a6af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 487598399 ra01 14 03 02
age: 31013
x-cache-server: thumbor/nginx-cache
content-length: 921
x-cached: HIT
x-request-id: 2df92de2-5b1f-42e2-94ed-911c613201ce
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "461c19cee602ab550d18ad320782b9c6ac74e780"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 17 Feb 2024 19:50:19 GMT

GET
H2 200 qqed-tarsila-site-01.png
s2-galileu.glbimg.com/EQtJcE4K2VahUETBclXFC-4YRu4=/0x0:700x400/100x100/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/z/d/BquS6oQIuEzK2EA... 6 KB
6 KB 394ms
394ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/EQtJcE4K2VahUETBclXFC-4YRu4=/0x0:700x400/100x100/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/z/d/BquS6oQIuEzK2EAQgJ9A/qqed-tarsila-site-01.png
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: d0a3db7e5a3841414d7f0dc8e575a3c4b5d1a774a575352cdbed3630a10e57cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 477362109 ra01 14 03 02
age: 31013
x-cache-server: thumbor/nginx-cache
content-length: 5895
x-cached: HIT
x-request-id: b665d0ec-2a34-4dff-a357-2b27747aff94
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "35c8778e28024dbcbb2f849b64d543f4d1e59cb0"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 17 Feb 2024 20:04:50 GMT

GET
H2 200 low-res-1.-one-of-the-studied-burnt-mudbricks..jpeg
s2-galileu.glbimg.com/y_K59U4847e7scIG8Csg_FDV8Qg=/0x0:700x523/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/i/h/gW7DC6RXCipTht6... 39 KB
39 KB 430ms
430ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/y_K59U4847e7scIG8Csg_FDV8Qg=/0x0:700x523/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/i/h/gW7DC6RXCipTht6By3hA/low-res-1.-one-of-the-studied-burnt-mudbricks..jpeg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 498ff5bcb02c5289f93fa5c1003b15444d21227dfeda3fed903a78f43d82ac7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 482409334 ra01 14 03 02
age: 563526
x-cache-server: thumbor/nginx-cache
content-length: 39847
x-cached: HIT
x-request-id: 3e504ab4-660e-410e-afa5-dd12b2f1adbd
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "5260559b629598072f3e621c78a2bdec695121bb"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sun, 11 Feb 2024 14:53:50 GMT

GET
H2 200 estrela-de-belem.jpg
s2-galileu.glbimg.com/HXIhWXNvWY_7Ha0bxjX6x6b2YHo=/0x0:1920x1280/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/N/z/xUYr88RymmBTY... 17 KB
18 KB 252ms
252ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/HXIhWXNvWY_7Ha0bxjX6x6b2YHo=/0x0:1920x1280/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/N/z/xUYr88RymmBTYgMY76Sw/estrela-de-belem.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: d103ddd3e1c450405dd77ad357a6fdfeda1524ae6fe7152b05f9318eecfa4d41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 1001321168 ra01 14 03 02
age: 563526
x-cache-server: thumbor/nginx-cache
content-length: 17652
x-cached: HIT
x-request-id: a61f6ad6-0dfa-41aa-95a1-8d4d6bf9f205
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "6ddb55a16c8c2cc5deec9f0f60dae90453a0e894"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sun, 11 Feb 2024 14:55:19 GMT

GET
H2 200 discovery-of-immense-f.jpg
s2-galileu.glbimg.com/9xGNxuski9KKsVE4ya0lAJvheZY=/0x0:1500x1001/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/1/u/F2ed6jQ5GAojW... 33 KB
33 KB 332ms
332ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/9xGNxuski9KKsVE4ya0lAJvheZY=/0x0:1500x1001/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/1/u/F2ed6jQ5GAojW9hTH5kg/discovery-of-immense-f.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 77514c451e521ac4368a45b763c5a2bab6b9a31ca4b4c69538eda378b4180fce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 486810677 ra01 14 03 02
age: 563526
x-cache-server: thumbor/nginx-cache
content-length: 33405
x-cached: HIT
x-request-id: 1a50b6f1-60b5-4bb7-b933-8b59fc7df006
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "a87a49ec8ceae553d3fccbad8fd8ea7946770d39"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sun, 11 Feb 2024 14:54:14 GMT

GET
H2 200 slingbullet.jpg
s2-galileu.glbimg.com/ONRa__1PgqWoRAyWCaQQj9pw-DI=/0x0:1250x800/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/Y/t/k0o7m6TzaFuylp... 14 KB
15 KB 467ms
467ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/ONRa__1PgqWoRAyWCaQQj9pw-DI=/0x0:1250x800/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/Y/t/k0o7m6TzaFuylpS2N7SQ/slingbullet.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 5a7b904806d5ea7ba0e46ccf5f1e8974da4312770a287cda18014508da70fb4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 487598405 ra01 14 03 02
age: 563526
x-cache-server: thumbor/nginx-cache
content-length: 14818
x-cached: HIT
x-request-id: eb05ab32-2564-47a3-8ded-c00b8d250ea8
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "a89e4af0fe3f82ce12ebc5f4416bc1bfc4cf8a56"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sun, 11 Feb 2024 14:55:51 GMT

GET
H2 200 nick-wright-g2rwqkgp1de-unsplash.jpg
s2-galileu.glbimg.com/_lRueayqjyjqyviqXaiZFqrv8Po=/154x0:3436x1846/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/A/C/bb7RuvTzOKv... 6 KB
7 KB 516ms
515ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/_lRueayqjyjqyviqXaiZFqrv8Po=/154x0:3436x1846/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/A/C/bb7RuvTzOKvsJXNljAog/nick-wright-g2rwqkgp1de-unsplash.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: d069a25e9362277eafb7aebfaae23274f37c7d55cbbbf2a02379b2b1d8955559

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 464699060 ra01 14 03 02
age: 119128
x-cache-server: thumbor/nginx-cache
content-length: 6511
x-cached: HIT
x-request-id: daf74c6f-e2ef-4fab-8bbc-075016a10ddf
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "7fac188656c82851c61db4a68f594c7d5de613bf"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 16 Feb 2024 18:23:54 GMT

GET
H2 200 bladder-tumors-reduced-2.jpg
s2-galileu.glbimg.com/_3jkwxdP9QXtXyNCOwKCwIyWsEU=/0x0:1200x1405/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/N/T/e6pVO6Q2AqlJl... 7 KB
7 KB 519ms
519ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/_3jkwxdP9QXtXyNCOwKCwIyWsEU=/0x0:1200x1405/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/N/T/e6pVO6Q2AqlJltvQqG3Q/bladder-tumors-reduced-2.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: d38c88689435e8dcb1c9c126961a9f63c490106e34730b88acee218f5b846ab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 1001321169 ra01 14 03 02
age: 202932
x-cache-server: thumbor/nginx-cache
content-length: 6843
x-cached: HIT
x-request-id: cf57dd60-5cf6-4e07-af4e-33610c4e51af
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "f27aa23f7556b4886058eec604e170f217d7f2eb"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 15 Feb 2024 20:07:49 GMT

GET
H2 200 sobra.jpg
s2-galileu.glbimg.com/pnpLUnBsLnMrrCWVtEowND7YEW8=/0x0:3179x1981/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/B/4/zujLWGTmWwEZv... 10 KB
10 KB 376ms
376ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/pnpLUnBsLnMrrCWVtEowND7YEW8=/0x0:3179x1981/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/B/4/zujLWGTmWwEZv6BM374Q/sobra.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 3aea1bac875f23d26b11fdad6c9047d2489d14faacd7e6eebd64b3a0e40f4294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 488742598 ra01 14 03 02
age: 202945
x-cache-server: thumbor/nginx-cache
content-length: 10029
x-cached: HIT
x-request-id: b8f08940-66d8-4d9d-b176-be3f593340bf
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "4c7438a51a454318c2e1758d1c61448e83de8f70"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 15 Feb 2024 20:09:16 GMT

GET
H2 200 pexels-keira-burton-6624327.jpg
s2-galileu.glbimg.com/7tX6GXklPP_FyjmoZz4p9_5XQR0=/0x0:1280x853/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/L/O/nIkuF0SqCBl2gk... 8 KB
8 KB 345ms
340ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/7tX6GXklPP_FyjmoZz4p9_5XQR0=/0x0:1280x853/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/L/O/nIkuF0SqCBl2gkW34UGw/pexels-keira-burton-6624327.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 661b625eeb1c499651c0cdb261782607cb5314a802e89cb9565a1120ae370866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 477362119 ra01 14 03 02
age: 369017
x-cache-server: thumbor/nginx-cache
content-length: 8077
x-cached: HIT
x-request-id: bbf89978-39c1-4969-bef1-5829f237b31d
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "d912b89824c6044c3498cbc6be6684bf9f7536e0"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Tue, 13 Feb 2024 19:21:44 GMT

GET
H2 200 lingchor-ldy1k7rklea-unsplash.jpg
s2-galileu.glbimg.com/SNTWJpWFnbSCjnZRm740FAfux8A=/smart/filters:strip_icc()/s2-galileu.glbimg.com/oj3MdGs6fYaw3SH2GulzfgOvdTU%3D/600x0/filters%3Aquality%2850%29/https%3A//i.s3.glbimg.com/v1/AUTH_f... 47 KB
47 KB 230ms
230ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/SNTWJpWFnbSCjnZRm740FAfux8A=/smart/filters:strip_icc()/s2-galileu.glbimg.com/oj3MdGs6fYaw3SH2GulzfgOvdTU%3D/600x0/filters%3Aquality%2850%29/https%3A//i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/H/n/ayYE7VQv2yBHdAGUf7XA/lingchor-ldy1k7rklea-unsplash.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 4dfb873913d3f2bd20882709fc484c8cd710be1176d63f238b923cab4954b9bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 487598411 ra01 14 03 02
age: 111678
x-cache-server: thumbor/nginx-cache
content-length: 47868
x-cached: HIT
x-request-id: 59d1541a-1b05-4ef9-89eb-905fb5fdc674
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "3007cf4794069919bb5300523cb1b8006196d65f"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 16 Feb 2024 19:55:45 GMT

GET
H2 200 rio-tocantins-lajeado-to-01.jpg
s2-galileu.glbimg.com/XKkI6pva1swMWtacwCqISpGUFRQ=/smart/filters:strip_icc()/s2-galileu.glbimg.com/SIduLub2miTgUZBgy7Xng7jovew%3D/600x0/filters%3Aquality%2850%29/https%3A//i.s3.glbimg.com/v1/AUTH_f... 45 KB
46 KB 352ms
352ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/XKkI6pva1swMWtacwCqISpGUFRQ=/smart/filters:strip_icc()/s2-galileu.glbimg.com/SIduLub2miTgUZBgy7Xng7jovew%3D/600x0/filters%3Aquality%2850%29/https%3A//i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/X/7/3wHYBjTAeajv11Cj06kQ/rio-tocantins-lajeado-to-01.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 5e75e73b1392894815cbd0582866402ab67e43c839e5665b7789f55c783e0e13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 478375326 ra01 14 03 02
age: 806464
x-cache-server: thumbor/nginx-cache
content-length: 46354
x-cached: HIT
x-request-id: be0803f2-370c-4e9e-a10a-88406f3e70c4
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "f0d58076497c5d2e42f3924eb0a37dbb932b6e7c"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 08 Feb 2024 20:13:54 GMT

GET
H2 200 vice-presidente-da-republica-hamilton-mourao-carajas-missoes-diplomaticas-a-amazonia-oriental0809210165-1-.webp
s2-galileu.glbimg.com/tAyZt78YIpiZH9Zz5tzDSGn5Twc=/smart/filters:strip_icc()/s2-galileu.glbimg.com/ZSga6XvWR4xrxjQyq5dUhTbEb80%3D/600x0/filters%3Aquality%2850%29/https%3A//i.s3.glbimg.com/v1/AUTH_f... 51 KB
51 KB 534ms
533ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/tAyZt78YIpiZH9Zz5tzDSGn5Twc=/smart/filters:strip_icc()/s2-galileu.glbimg.com/ZSga6XvWR4xrxjQyq5dUhTbEb80%3D/600x0/filters%3Aquality%2850%29/https%3A//i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/v/C/ANAcJbSWGLHkcXfALSPw/vice-presidente-da-republica-hamilton-mourao-carajas-missoes-diplomaticas-a-amazonia-oriental0809210165-1-.webp
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: aeb569139cb6bc35a99ae1ede1d2209d1cb7f82d630b0fbddb72881815028ed1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-forwarded-host: s2-galileu.glbimg.com
x-bip: 488742606 ra01 14 03 02
age: 1244750
x-thanos: 0AB0D090
etag: "fad2c799dd71df1ea630242de334091b61267aaf"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 52227
x-request-id: ce7372d9-ee45-4e90-8497-04821b619841
expires: Sat, 03 Feb 2024 18:56:24 GMT

GET
H2 200 oscarnestarez-1-.png
s2-galileu.glbimg.com/aCN5O94w68jiKlP1AhlHUFlk5-g=/80x80/smart/filters:strip_icc()/s2.glbimg.com/F0ZmMopJ30V0t9pr5Qa-M-7ji90%3D/600x0/filters%3Aquality%2870%29/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04... 808 B
1 KB 703ms
703ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/aCN5O94w68jiKlP1AhlHUFlk5-g=/80x80/smart/filters:strip_icc()/s2.glbimg.com/F0ZmMopJ30V0t9pr5Qa-M-7ji90%3D/600x0/filters%3Aquality%2870%29/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/6/e/CX1gp8S1Of2BsHac0W0Q/oscarnestarez-1-.png
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 5e17c7d6e5cb0e00c66dbf2e15e3c24c497204b761c469c6497a73c9278d3349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:51 GMT
via: 2.0 CachOS
x-bip: 478375327 ra01 14 03 02
age: 229793
x-cache-server: thumbor/nginx-cache
content-length: 808
x-cached: HIT
x-request-id: c35b7dd1-22e1-4cba-b6e1-785683efebb5
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "ec07fe5a8f4ceddce693b18edcc89815f464f830"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 15 Feb 2024 12:38:32 GMT

GET
H2 200 358403749-819053609461261-7400161117324645260-n.jpg
s2-galileu.glbimg.com/ODM1CRUYsIs2WBFtuKyqBBdieKM=/80x80/smart/filters:strip_icc()/s2-galileu.glbimg.com/lTXre8iKqfiUGY4r9MfX30xYoQM%3D/600x0/filters%3Aquality%2870%29/https%3A//i.s3.glbimg.com/v1/... 2 KB
3 KB 661ms
661ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/ODM1CRUYsIs2WBFtuKyqBBdieKM=/80x80/smart/filters:strip_icc()/s2-galileu.glbimg.com/lTXre8iKqfiUGY4r9MfX30xYoQM%3D/600x0/filters%3Aquality%2870%29/https%3A//i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2023/8/l/skhxe4QnGphtPWIPkDWA/358403749-819053609461261-7400161117324645260-n.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 138d7e873acb759e2abff7f865b8711ce893331bd525bd246026bdb8b0d5fb33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:52 GMT
via: 2.0 CachOS
x-bip: 477362123 ra01 14 03 02
age: 626263
x-cache-server: thumbor/nginx-cache
content-length: 2222
x-cached: HIT
x-request-id: 2b04accf-ecd0-4a7c-b583-d36c8c4ff9ba
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "227c56254017a59126c0822605c044a890237cf8"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 10 Feb 2024 22:15:15 GMT

GET
H2 200 marcelo-lapola-copy.jpg
s2-galileu.glbimg.com/p3IfPxL3D2nKcMqqrYSyeX0rfbE=/80x80/smart/filters:strip_icc()/s2.glbimg.com/XgBCfQRwNzAf8T3GyxusseTtwBg%3D/600x0/filters%3Aquality%2870%29/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04... 2 KB
2 KB 646ms
646ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/p3IfPxL3D2nKcMqqrYSyeX0rfbE=/80x80/smart/filters:strip_icc()/s2.glbimg.com/XgBCfQRwNzAf8T3GyxusseTtwBg%3D/600x0/filters%3Aquality%2870%29/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2022/A/6/IP7BarR1GNd48tiZ0Qig/marcelo-lapola-copy.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 9b255624c4aa0e44eb0e1f59f898e7ec4c3d91f6bf7ff7dd8ee51e791d55fb24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:52 GMT
via: 2.0 CachOS
x-bip: 478375329 ra01 14 03 02
age: 626263
x-cache-server: thumbor/nginx-cache
content-length: 1602
x-cached: MISS
x-request-id: 65487a40-8563-4b38-8465-c2d4c3822bc1
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "37019e07b0093a6851fc25c8140eaf78f29557c1"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 10 Feb 2024 22:44:32 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 31ms
30ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:12 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2744
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 847c68e33cb2373d-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 22 Jan 2024 04:42:12 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/2e3316dd-7490-4306-9b57-79fa611a4b18/ 5 KB
2 KB 36ms
19ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/2e3316dd-7490-4306-9b57-79fa611a4b18/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caeb5824088e9c990dcdf8014148d7847d182bd06861142d0038ed7d0ac88bcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 2147
cf-polished: origSize=5154
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d5513b88-484e-4df3-a3b5-a0bd647d300e
x-runtime: 0.030516
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"e7f5488cac0bd30387ebbf0f9e3ed154"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 847c68f28cf7373d-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 19 Jan 2024 05:42:14 GMT

GET
H2 200 1.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 27 KB
6 KB 218ms
218ms Script
application/javascript 34.151.224.123
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 123.224.151.34.bc.googleusercontent.com
Software: /
Resource Hash: 5afe98affdf49aa3bc7d6bf163f2bb26759f15df90322cb80e25b888d3afaa96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-location-rule: static - tiny.js
date: Fri, 19 Jan 2024 04:42:12 GMT
content-encoding: gzip
x-openstack-request-id: tx50c08ec3f4724208a59c4-0065a95b7d
x-cache-status: HIT
supportspointer: true
x-trans-id: tx50c08ec3f4724208a59c4-0065a95b7d
x-request-id: a45181605544c04589a92f845b59c305
last-modified: Tue, 09 Jan 2024 14:24:11 GMT
vary: Accept-Encoding, Origin
x-served-from: infoglobo-router-gcp
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-timestamp: 1704810250.27736
cache-control: max-age=600
charset: utf-8
expires: Thu, 18 Jan 2024 17:20:21 GMT

GET
H2 200 18.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 6 KB
2 KB 219ms
219ms Script
application/javascript 34.151.224.123
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/18.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 123.224.151.34.bc.googleusercontent.com
Software: /
Resource Hash: c0dfa41b2d4fa3807f0af808f79cfbad0375d767bbded26906bdefac0724a6a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-location-rule: static - tiny.js
date: Fri, 19 Jan 2024 04:42:12 GMT
content-encoding: gzip
x-openstack-request-id: txc0bdeb12226b4399ad6d9-0065a29fa2
x-cache-status: HIT
supportspointer: true
x-trans-id: txc0bdeb12226b4399ad6d9-0065a29fa2
x-request-id: c70147483b630d2a05dc7824dbde9fd4
last-modified: Tue, 09 Jan 2024 14:24:24 GMT
vary: Accept-Encoding, Origin
x-served-from: infoglobo-router-gcp
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-timestamp: 1704810263.58107
cache-control: max-age=600
charset: utf-8
expires: Sat, 13 Jan 2024 14:46:32 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
1 KB 145ms
23ms Script
application/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc

Requested by

Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3d802214cdaf6276aa13b5b161820bbc80660cf9429124233334b07a2d7978e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date: Fri, 19 Jan 2024 04:42:14 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Jan 2024 04:11:10 GMT
server: cloudflare
age: 1864
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 847c68f36eea4d2b-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 77mny506fq
expires: Fri, 19 Jan 2024 05:12:14 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 76ms
22ms Script
application/javascript 2606:4700:3030::6815:4222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TY6WRQYW0F3Q4WAQ
age: 2329
alt-svc: h3=":443"; ma=86400
x-amz-id-2: y8+seouaQFCZGA0Uzaz/7wdsqV422BEPDkB92csomHKFa3tsWmGEZU2iEsuHkocFKbIB6FDr0BM=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAwrq%2F5qd49RuSMkW9jCmOclB%2BYvqW77bnoDWe7lv9HNp2f4vxyzlfg3DexKTUlv6IH1l4RaZgetrd%2FulJthcOjAaFByQdd5aZBMhyxir%2FqE4E0LLZ9uvQMB29x5QsGbhEqoYG0J3aGEB%2BsfqAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 847c68f3fcef5c40-AMS

GET
H2 200 api.min.js Show response
p.glbimg.com/api/stable/ 42 KB
13 KB 644ms
225ms Script
text/javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.glbimg.com/api/stable/api.min.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3efac754de48beab3d6856c94bd81c7c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-location-rule: barra-gcs
date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 483407294 ra03 11 05
age: 23013
x-cache-status: HIT
content-length: 12654
x-xss-protection: 1; mode=block
x-request-id: 776883df-16af-40b6-97b8-1f9f6da72ebb
last-modified: Tue, 03 Jan 2023 00:49:51 GMT
x-thanos: 0AB1D009
etag: W/"d82e539ab2fdc0f51354d1f15969ebbe"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 19 Jan 2024 22:18:42 GMT

GET
H2 200 gui.lightbox.min.js Show response
s3.glbimg.com/cdn/libs/gui-lightbox/1.5.7/js/ 25 KB
9 KB 229ms
229ms Script
application/x-javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/gui-lightbox/1.5.7/js/gui.lightbox.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3efac754de48beab3d6856c94bd81c7c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 47f0f7b5f1d27bc9c731cae83bf7a2ff5ef9ccd1b529976a9093ef6fae5868dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
content-encoding: gzip
x-openstack-request-id: txca664ab39a1d486084d2c-0065a9fd01
last-modified: Mon, 30 Apr 2018 13:52:13 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: application/x-javascript
x-timestamp: 1525096332.76449
cache-control: public, max-age=180
x-trans-id: txca664ab39a1d486084d2c-0065a9fd01
x-request-id: 5900c184-93d8-4c56-8d15-7b088b8bb566

GET
H2 200 gui.lightbox.min.css
s3.glbimg.com/cdn/libs/gui-lightbox/1.5.7/css/ 33 KB
13 KB 228ms
227ms Stylesheet
text/css 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/gui-lightbox/1.5.7/css/gui.lightbox.min.css
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3efac754de48beab3d6856c94bd81c7c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 15a2c119963d6bf7f267006258b5ee21f4c9515a368d3988bd9992e9324effc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
content-encoding: gzip
x-openstack-request-id: tx4980b5c7c8cb4b19bf4a1-0065a9fd2e
last-modified: Mon, 30 Apr 2018 13:50:26 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1525096225.59397
cache-control: public, max-age=180
x-trans-id: tx4980b5c7c8cb4b19bf4a1-0065a9fd2e
x-request-id: 19819df5-326b-4c44-b81b-306f535c431d

GET
H2 200 map-of-suspected-ice-at-mars-s-equator-pillars.jpg
s2-galileu.glbimg.com/MD-Iqz323n5h-eR1_Vzaq65-Gbg=/0x0:2475x1080/1200x600/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/6/C/pjWTwUTzyTkd... 117 KB
117 KB 621ms
620ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/MD-Iqz323n5h-eR1_Vzaq65-Gbg=/0x0:2475x1080/1200x600/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/6/C/pjWTwUTzyTkd5OuAl0kQ/map-of-suspected-ice-at-mars-s-equator-pillars.jpg
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: db4754d31dce8cb57f3465ae442079e67cec3bb6937909a4e69f8bfa00bec548

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:48 GMT
via: 2.0 CachOS
x-bip: 485447623 ra01 14 03 02
age: 31010
x-cache-server: thumbor/nginx-cache
content-length: 119746
x-cached: HIT
x-request-id: 77735503-fbad-4783-a319-177561f899c3
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "de5019045136aa3023aae87217d830b768ae192b"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 17 Feb 2024 20:04:50 GMT

GET
H2 200 step1.html Show response
id.globo.com/auth/realms/globo.com/protocol/openid-connect/3p-cookies/ Frame 8B1C 955 B
1 KB 1221ms
821ms Document
text/html 34.110.201.227
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/3p-cookies/step1.html

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3efac754de48beab3d6856c94bd81c7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.201.227 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

227.201.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none'; frame-ancestors 'self' https://.globoi.com https://.globo.com https://local.globoi.com:8080 https://.apps.tsuru.gcp.i.globo https://.techtudo.com.br https://www.techtudo.com.br;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since, framework_version_header, system_version_header, platform_header, app_id_header, access_header, globoid_connect_apikey
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, HEAD
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate, no-transform, no-store
content-encoding: gzip
content-security-policy: frame-src 'self'; object-src 'none'; frame-ancestors 'self' https://*.globoi.com https://*.globo.com https://local.globoi.com:8080 https://*.apps.tsuru.gcp.i.globo https://*.techtudo.com.br https://www.techtudo.com.br;
content-type: text/html;charset=utf-8
date: Fri, 19 Jan 2024 04:42:14 GMT
p3p: CP="This is not a P3P policy!"
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 114 KB
29 KB 36ms
20ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: 98V47QQRQBB1H96A
age: 3429
etag: W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 847c68f579ea9b39-FRA
x-amz-id-2: LLVA+vqa0Oh0heny89/8P0nfxp+zIdnneOaCpgIwTJSOykl2BIpgwhWBjtwGdEQ0xHXNPNef+1nKJEDhB6C52g==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 42ms
7ms Script
text/javascript 2600:9000:2250:ae00:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ae00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Thu, 18 Jan 2024 09:17:41 GMT
Via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 69875
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: m8bHjrvnzGRl08GvxRQO5kRUoPesRgeKySbmcckHV08BPUthR5zLGg==

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 30ms
21ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11317
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJH5yyWQpz5jCXVsv0wfmHaIu34DU1AlIhYAa%2BIlKTj3Gk1KivBafxdqYVYZIb%2FKTyTVqZIBRL%2FLo1cgJ8YA2xp3xKsaQe4ZUQsZExtIcWbwzEga7a%2Fk5IWoVhIwNUCsoiT0TJ%2BfniqNrXfdIiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 847c68e80a26bbaf-FRA

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 66ms
16ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 02:52:30 GMT
content-encoding: gzip
age: 524985
x-guploader-uploadid: ABPtcPrfDLHYW-2je5TO8TgEVSN69n34PB-wROqR35J4UhqwbiNuRlE14A2E8AkYCR67tARn77U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 12 Jan 2025 02:52:30 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 53ms
25ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 18 Jan 2024 07:12:05 GMT
server: nginx
etag: W/"65a8cf45-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 Jan 2024 04:42:15 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 31ms
7ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 05:37:13 GMT
content-encoding: gzip
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 83103
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: RP-d3o-YVxv26M2M4Kp_yIzzeQrEW-O1BEf1_1J9XiYN2ohGOkYUzw==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 67ms
27ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: d33f565db9df71cfa923e64c0384451b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 92 KB
42 KB 403ms
402ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501753496430904&correlator=3742736953450281&eid=31079956%2C31080257%2C31079724&output=ldjh&gdfp_req=1&vrg=202401110101&ptt=17&impl=fif&iu_parts=85042905%2Cedgalileu%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250%7C970x150%7C1190x250%7C1190x150&ifi=1&didk=557148462&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705639333119&lmt=1705639333&adxs=436&adys=342&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Frevistagalileu.globo.com%2F&vis=1&psz=1600x250&msz=728x90&fws=0&ohw=0&ga_vid=2089446785.1705639333&ga_sid=1705639333&ga_hid=810549604&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRj8mZuA0jFIAFICCGQSGQoKcHViY2lkLm9yZxj8mZuA0jFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y_JmbgNIxSABSAghkEhcKCHJ0YmhvdXNlGPyZm4DSMUgAUgIIZBIZCgp1aWRhcGkuY29tGPyZm4DSMUgAUgIIZBIUCgVvcGVueBj8mZuA0jFIAFICCGQ.&dlt=1705639330513&idt=1252&prev_scp=Editora.pos%3DTop%26rc%3Dpub-super-1_0&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D5%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1705639332142%26prmtvvid%3D%26prmtvwid%3D&adks=159803363&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf9a4c7791f8db5e49ef2ea4cf503514f28f9e8acd33360063bcfcd7bae7e7b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42979
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 71ms
71ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501753496430904&correlator=2485899450154235&eid=31079956%2C31080257%2C31079724&output=ldjh&gdfp_req=1&vrg=202401110101&ptt=17&impl=fif&iu_parts=85042905%2Cedgalileu%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=2&didk=3389147197&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705639333126&lmt=1705639333&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Frevistagalileu.globo.com%2F&vis=1&psz=1200x316&msz=266x0&fws=132&ohw=266&ga_vid=2089446785.1705639333&ga_sid=1705639333&ga_hid=810549604&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRj8mZuA0jFIAFICCGQSGQoKcHViY2lkLm9yZxj8mZuA0jFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y_JmbgNIxSABSAghkEhcKCHJ0YmhvdXNlGPyZm4DSMUgAUgIIZBIZCgp1aWRhcGkuY29tGPyZm4DSMUgAUgIIZBIUCgVvcGVueBj8mZuA0jFIAFICCGQ.&dlt=1705639330513&idt=1252&prev_scp=Editora.pos%3DBox-Chamada-2&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D5%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1705639332142%26prmtvvid%3D%26prmtvwid%3D&adks=2809214342&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff0068ad1d649ca7cc3dfa949a7c83f980a7c7839600b95fac1d445fd0b50355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12439
x-xss-protection: 0
google-lineitem-id: 6139572635
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138459727504
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1792 6 KB
3 KB 107ms
24ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:13 GMT
expires: Sat, 18 Jan 2025 04:42:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 277 KB
87 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6MZG9W

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/galileu/prod/lib-pub-relay-galileu-latest.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3c6640a777abfa183ce035e0028c7cb96f6bb1bb378f9d6d2b59fe03e9a6f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88586
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jan 2024 04:42:15 GMT

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 5365 961 B
574 B 56ms
23ms Document
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-T6MZG9W

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/galileu/prod/lib-pub-relay-galileu-latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29fd2a36094c8ee9a274529a0f999f4d1bd4fa2d52e990ea394657774f0fc769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 254
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame F95F 268 B
161 B 22ms
21ms Document
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-NXVN776&ancestors=GTM-T6MZG9W&restrictions=&gtm.url=https%3A%2F%2Frevistagalileu.globo.com%2F

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-T6MZG9W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.googletagmanager.com/ns.html?id=GTM-T6MZG9W
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 8B94 268 B
158 B 22ms
22ms Document
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-T6MZG9W&restrictions=&gtm.url=https%3A%2F%2Frevistagalileu.globo.com%2F

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-T6MZG9W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.googletagmanager.com/ns.html?id=GTM-T6MZG9W
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 9BE3 268 B
158 B 30ms
30ms Document
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-T6MZG9W&restrictions=&gtm.url=https%3A%2F%2Frevistagalileu.globo.com%2F

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-T6MZG9W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.googletagmanager.com/ns.html?id=GTM-T6MZG9W
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 container.html Show response
447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CC5E 6 KB
3 KB 28ms
25ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:13 GMT
expires: Sat, 18 Jan 2025 04:42:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CC5E 24 KB
7 KB 62ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H2 200 10006331761601455374
tpc.googlesyndication.com/simgad/ Frame CC5E 22 KB
22 KB 63ms
16ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10006331761601455374?

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0da65befc5b7f0ebacb715dbee879ee4d0b91ba770991c67e924763d5c297c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 17 Jan 2025 01:27:42 GMT
date: Thu, 18 Jan 2024 01:27:42 GMT
x-content-type-options: nosniff
age: 98071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22672
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 18:09:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC5E 206 KB
65 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 04:42:13 GMT

GET
H2 200 horizon-client-js.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 11 KB
4 KB 226ms
226ms Script
text/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
content-encoding: gzip
x-openstack-request-id: txd03f8ce28fd942eab0e05-0065a9fc89
last-modified: Fri, 13 Nov 2020 17:21:38 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1605288097.88717
cache-control: public, max-age=600
x-trans-id: txd03f8ce28fd942eab0e05-0065a9fc89
x-request-id: 87b52643-1fbf-4819-abba-664da14f5250

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 225ms
225ms Script
text/javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-location-rule: barra-gcs
date: Fri, 19 Jan 2024 04:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 481127852 ra03 11 05
age: 23016
x-cache-status: HIT
content-length: 945
x-xss-protection: 1; mode=block
x-request-id: 055136f0-e229-4d2b-97e9-019f4235f12c
last-modified: Fri, 11 Nov 2022 21:36:41 GMT
x-thanos: 0AB1D009
etag: W/"aaaef25ae81d7253ced007ce6451d65e"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 19 Jan 2024 22:18:36 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035227/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
384 B

8ms
8ms

Script
application/javascript

18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 08:50:48 GMT
via: 1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 71488
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: bX3zVwzHzyySLW-hbfHgicbFj5-zskoQQqHnwkRNlNiHQCuxZ2gOTQ==

Redirect headers

date: Fri, 19 Jan 2024 04:42:15 GMT
via: 1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: azOH-zq4QKiZvZhYuH3yZFyytsfUWovS9nusl_Y39jgspb7k5ZRgrA==

GET
H2 200 logo_globoplay.svg
s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/ 5 KB
2 KB 226ms
226ms Image
image/svg+xml 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/logo_globoplay.svg
Requested by: Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://barra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
content-encoding: gzip
x-openstack-request-id: tx24a03ed99a9d4c1a8abb1-0065a9fd94
last-modified: Mon, 17 Oct 2022 13:20:36 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-timestamp: 1666012835.41302
cache-control: public, max-age=180
x-trans-id: tx24a03ed99a9d4c1a8abb1-0065a9fd94
x-request-id: 46061e7d-cbe7-43d4-a5a5-eed8f084f333

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
298 B 8ms
7ms Image
image/gif 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1705639333264&ns_c=UTF-8&c8=Galileu&c7=https%3A%2F%2Frevistagalileu.globo.com%2F&c9=
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
via: 1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: nz2-c-0bY2onC2vCBUowmr5jT-56-s9DsSPL7DeI0vpYO1XvFV7_iA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CC5E 0
0 49ms
48ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstR_WTn_jhj1bOTrd3xeIbXMhYK5qlOHbRNOoMud6eeWFb64xVXJ1jLGwxi3BTG2ljqGmTmfzIgHS4Y1AfmHikIaDYwCcKvGeji3YBxLoxI0tzKd4F3OLaCIfPCqjxtJno4l_86XdNvgw-3UEUql0uduYh1t8CbWmitForQd_FrInzG23uLzlNyf--3EYgulvgLbBGTUqvvPBERc1Gt1UBQRLn5amdZMakJrmtAcjD3li4My1yhfbmSGTcQz5tOOC_52jbYryvMfdJgHg5fMbDt6I3HJ5hPNYA2O3asyqwd7XZLYmReAggxHPOLYpVOKsfAxRwodhMdjgjsMsVk2GOgQ86uTpWu48-iSjyX&sai=AMfl-YTrM8ZnY4ZabcBw-r1ZrvlLG4XJIIsWq5SJ5k4aR16Ivsv_UEZwQW_mgCdz4YPn3J_Tfzg-_IZGmtgHaC8DF7Np7-LScSgSGAuHijMsE7_IGGyKyrVi1oZ-CbB-LJEi8POmqAv1bsEpOhtR-68XdRcS&sig=Cg0ArKJSzEMbjcduCxNDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Jan 2024 04:42:13 GMT

GET
H2 200 semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame CC5E 16 KB
16 KB 254ms
253ms Font
application/font-woff2 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Origin: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
x-openstack-request-id: tx218ac623dfe14163bbaf1-0065a9fda5
last-modified: Tue, 25 Jun 2019 17:36:47 GMT
x-thanos: 0AB24047
etag: 365c53275ca5dad1584b7e0bd3a46c1e
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484206.27623
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16172
x-trans-id: tx218ac623dfe14163bbaf1-0065a9fda5
x-request-id: 2f840fc1-f501-4ba5-8dea-26afee4af98c

GET
H2 200 regular.woff2
s3.glbimg.com/cdn/fonts/proximanova/ Frame CC5E 20 KB
21 KB 251ms
251ms Font
application/font-woff2 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/proximanova/regular.woff2
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Origin: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
x-openstack-request-id: tx1dc7e384bd97460791b2f-0065a9fda5
last-modified: Tue, 25 Jun 2019 17:42:57 GMT
x-thanos: 0AB24047
etag: a28c6bf751afd0731507d904609fe5da
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484576.57450
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20904
x-trans-id: tx1dc7e384bd97460791b2f-0065a9fda5
x-request-id: b106559f-8279-4713-8ab6-7c6e1d017cf6

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CC5E 0
0 73ms
47ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCAX5qTUNIXMi0T02AwZr8akrTStO_ZbqpGnssH0qv-sBP5pSxZmuj4reNHwuAMKaGRkNFnL9yqwkkCaiQK8uGOV1_pNxbxTFrnyAyIIU24RMxQksTvkWmZgtO69AmtvKfYOlomgGBg5YEreZoGy_Zxo9ER9awVEQA2b7pVcpEmfRd6m8wMob4uwJWtTF9Tu6uc0MYnYbvayosPir5DThXWLIEUzdwthDebdptOyHzye7nqc8mKnuawf5VLr5paCan-fKnbCWACMBc7mB5LOcy4-x4MFVIJYSqntLku0YBLxi0az4RcfkFNMWYKolULueqdZLsjFusoVuohW8TbyqzsEnlWpIGndtubx9OLYQ&sai=AMfl-YS14u7Qy_o6Ly9Y76rKwphd_WA3M6I3UiHE3HpRO1Y25R973il_vdcuJjZXkhPRat9cj3FDQR_1ko01Z7h5kcpogT86SM6oyMtm2uR9KWNOfC4YiDxIxmXuhjqtefk2-Xf47Duoe-2-f-q3HnOKaOEb&sig=Cg0ArKJSzAA6HO5Urv_7EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Jan 2024 04:42:13 GMT

GET
DATA 200
OK truncated
/ Frame CC5E 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a75268acca1064d377254869ef57a291839c04dd129d50a849ab714c67a2d00a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 horizon-pageview
horizon.globo.com/auth-session/activity/revistagalileu/ 0
323 B 1526ms
109ms Image
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horizon.globo.com/auth-session/activity/revistagalileu/horizon-pageview?object=https%3A%2F%2Frevistagalileu.globo.com%2F&Referrer=&tags=&client_version=0.3.11

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

33.79.211.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
strict-transport-security: max-age=60
content-length: 0
x-served-from: hzt-tsuru
content-type: text/plain; charset=UTF-8

GET
H2 200 container.html Show response
447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BCF2 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:13 GMT
expires: Sat, 18 Jan 2025 04:42:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3EC1 624 B
689 B 87ms
52ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEPWIy-AEGNih9foBMAE&v=APEucNVd6B33xjYdD-PRjQ16citmKRKI4cldrT4kcCv0lfCxtNL5TMLvsWiKU-tVnahvLBICQEEyH6nWL1EJxTPQU7JEN4Pr0vIlG9E8XIrthXSZTWzbFcx7Mq12YaSP_NEQaP7xGB7XLJ21qzugWEUT-vTqMRzISMagsVViyK9Po6Z1FfDyQSc

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:13 GMT
expires: Fri, 19 Jan 2024 04:42:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/ Frame BCF2 23 KB
9 KB 46ms
12ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/abg_lite_fy2021.js

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:30:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:30:47 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/ Frame BCF2 8 KB
3 KB 48ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 17:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 17:01:13 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame BCF2 0
0 132ms
56ms Fetch
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv6By8EmSw7zJUr087U8ixmYKcvD2Z1Osj4qjFE0EYmp5Ilz-hVaBB44eRN2inJ-gRAKRxG6_woF2MCjEOJiMSNEfnVLMniXzmgrBCF4A6LGmUnNlGG4plQcohCE0s4J2Iebp_OrYMZGeiExcVr_zCSsKIc4RpWqQUP24CDLjXDqzxnv-EFGd31MAG3-A8ooszH99URAajXWzRazFqDBdDAA5CzPbP96vOzrhJgc3PZWeE4hlSXAn4KU8nJL7udl8NxUHcsPsRSFFGrnsb3dgMjN5N_sdKbNKilSfuXduNUzp4efILavecFoq9kR1VvCmRDhmGowqGVKtfuOjEVqYEvmcXHrdH9dl7IKaa0VhXdSR4wMdiliwRQCLAks_adtK_0wbmiuhiVsD5TEG66JqzDioP_m2MjeLXK_8HU7TDykrG9Qr9qU5fJ--qwvvR-jrIuN7ze-YYnidsF09AtxqJCwDFLW2xS2isdkwS4YaV0l3SrSAkJ1MlWg_184222CUvYlITj56gcKOQ-I71GMxSe8liDfcj4KSRHORrNCOCIcTJFBZMpXvHhOxuXNlVXD30AmW-ZgTQ6KwmOMK6OG7wP3FSoEc6Rc5cADed4eL_vequDAFFQ14bDLeixBhmrBHdRqOYs2P4igtaUK2jvUw6Xk8BG9XTUA8e2V6xTxh_lHjpFsncgSTQhvFwgLw3tjcuJ1d6DEqQ7aN85bZ2m4OvqcevT1K-t9tnhaMsKXMDNn4S-CzwYotA1nNnHlI6Vw054bTVABCTor3EJF8xeW6e6ZoK7Hx0JR8rrS-CsuqgTtXYw9O0jw66MQ5BjYJR3DpZg7pn59dEneX0jMYgKvExt20ACtmfRzyuAVloE9NrcKCvagl-7PWKZxFr_pCVrLkjYmB2CWGs_OCDMUqqAhBanRh63O4XUzryF7srM7x6thVzRjXfp7jjoqkj51In_czxhRH4CkV8YVuGWb0jBDHBZuW9I049rE0S8Hf0Sx4Er8SDCyLlxtm0lwQ48vDN70vEn9XG7LNfwNBdvwT0wwisLm7eoL9y6N1s0PBpncF-hcirtDaMusyw93EurEA0qTO0r5JbEYOvWsdfw1PFsk5WW-6pwU4krvbPkE0PjGiZH30Y5VCdODcDHsRAyS3gERLmyBWF1ohNEMCQinbzPSAY0dLjMTYR5OdPNslbbxQkbkILB9krqmfF87aJSU5kjExvZEsvASrjJ9xpJwBwu9JOrLWwUCMes6iy0CgZLQtfv5rJ9upyKtT-rqrMFcPi0VE1h-w8PtTedInpGmMU93TlGQgBIG_tXxvSempyZTGbA54EPQ-tQV1qoOY5ahdkbVkDHrvG-TTxUbegYgOXVi10U6h9l2PEMXhUP8Gnm_XvQ5bJHOkP6JhzTPgL0BbY8wNzUs57jABHYzxKqbHkt4jOYC_z2-ySVSgbW3XQBKDX0yrEQmxWa6IaLEPBCAZMKs0DkDK0kufTby5ieEn2m3TI2fQ&sai=AMfl-YQbRIm2f-a-vMd1ybPQ_gd_KxTWksg264jmzBEWZ5ScwVKMdUxzYjvPZdEE2PPpwIdFtcgUzIWlbZrXSTd5KpPefXwikj2BLgI2FsSXF3ruq7LiHgtwpJBF-HA93ZO-NvCx80tFuhS33dOINvtKRl8O-lYdUHrEviFfWN520OKW7orSTUD4MpXTe9qBrNVlmz7S3IfB83viimrTGxdOPgOz_ciVIOQv99XmGhXlsr1Y8n6y34DhCA7UjZ1l93en0MsaU8So7fwf9JHgva9sEKtAbb5VrXRgq7pTeyme6zqaH8LFkUgZItxXwdu3bHg_wORlwaYgMOdH8W-P_vwsN1u7euh-rryPE-Z1j5PmbJACVo8pUXg7e_H1Ls0odd-nBWQbSMwgCtUshjgMSi7j2wKk2eYFyU_7d-exHjejYAhnojn_B9dUecXFOc4IoafQeiCnMa4VSOMzp0inH9YwMH4lJYedwSfeVJ8yByD4eR4aiU9sd8UCNJFwmOkLnbArD2V3vGE&sig=Cg0ArKJSzG_DR3eqqFvNEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZWljYS1jYW1lcmEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240117.65384&arae=0&ftch=1&adurl=

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 19 Jan 2024 04:42:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BCF2 41 KB
14 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame BCF2 3 KB
1 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame BCF2 20 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCF2 42 B
173 B 75ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dkl5fgQXkzpqPMEmCRAmvgqGbEXyjy1Q1GUNgMKNGzm8Lc3m_nNBqK7ZU2ttBnKUcRJBhMRwzxcv5H_b-gVWNxRhVrMSk_6kEifdGFMWkRVOFw_5o

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCF2 206 KB
65 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 04:42:13 GMT

GET
H2 200 2212300329896745122
s0.2mdn.net/simgad/ Frame BCF2 168 KB
168 KB 46ms
14ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2212300329896745122

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d0656d441b3f89bca9b47d53f7d5ff82324290779a2aeae4d6f759577b874c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 02:22:36 GMT
date: Wed, 17 Jan 2024 02:22:36 GMT
x-content-type-options: nosniff
age: 181177
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171600
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 09:31:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7A78 38 KB
13 KB 13ms
13ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 200885
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BCF2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4fadfc5db4372d911d7ad12c15ee0e5a6b5181b38b0c1d46d13e05a75034c14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A78 39 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 12:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 12:55:53 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3EC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1Sy56irZDG16LV_5-THYs&google_cver=1

43 B
769 B

19ms
19ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1Sy56irZDG16LV_5-THYs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEPWIy-AEGNih9foBMAE&v=APEucNVd6B33xjYdD-PRjQ16citmKRKI4cldrT4kcCv0lfCxtNL5TMLvsWiKU-tVnahvLBICQEEyH6nWL1EJxTPQU7JEN4Pr0vIlG9E8XIrthXSZTWzbFcx7Mq12YaSP_NEQaP7xGB7XLJ21qzugWEUT-vTqMRzISMagsVViyK9Po6Z1FfDyQSc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzZUVQtXn0R8t%2BJU5VsRyelEL41NuFEibGmLQMNzBJbnyGMX%2FL2zbxYHVwMYYUGPuHUl5R6TActHAyVLN96oYCXe%2BUQOPrnnvP9UgchOxRXisXcLNuOOgs1QhkMK0nK8YaqnCetzej8WiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847c68ebcd7b1e1c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1Sy56irZDG16LV_5-THYs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3EC1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zan9pREV6gV7G2XaGiiqFAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1Sy56irZDG16LV_5-THYs&google_cver=1

43 B
733 B

19ms
19ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1Sy56irZDG16LV_5-THYs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEPWIy-AEGNih9foBMAE&v=APEucNVd6B33xjYdD-PRjQ16citmKRKI4cldrT4kcCv0lfCxtNL5TMLvsWiKU-tVnahvLBICQEEyH6nWL1EJxTPQU7JEN4Pr0vIlG9E8XIrthXSZTWzbFcx7Mq12YaSP_NEQaP7xGB7XLJ21qzugWEUT-vTqMRzISMagsVViyK9Po6Z1FfDyQSc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJSVqfmiDPU6n%2FozLGx0fN%2BGLszMhWi%2BgmfeUNtss2B6szkK%2FNk9pTheoLcLbddeBkLIigbMtfmlG3dxZDN0PCCSjGzggRHwfKAufrFps7HEKx%2BOxuNLKAEEcWvAvhpIdsaFfotxbz2gTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847c68ebed951e1c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1Sy56irZDG16LV_5-THYs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3EC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDxJaPOlAphjw-KWoaQu_Wk&google_cver=1

43 B
1008 B

7ms
7ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDxJaPOlAphjw-KWoaQu_Wk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEPWIy-AEGNih9foBMAE&v=APEucNVd6B33xjYdD-PRjQ16citmKRKI4cldrT4kcCv0lfCxtNL5TMLvsWiKU-tVnahvLBICQEEyH6nWL1EJxTPQU7JEN4Pr0vIlG9E8XIrthXSZTWzbFcx7Mq12YaSP_NEQaP7xGB7XLJ21qzugWEUT-vTqMRzISMagsVViyK9Po6Z1FfDyQSc

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:13 GMT
an-x-request-uuid: e2af6caa-17e6-4b39-a8b6-820c7bebe2a9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.135; 178.162.209.135; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDxJaPOlAphjw-KWoaQu_Wk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3EC1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE2Mjk3MjEyNzU5Mzk2NTA1Mw%3D%3D

170 B
243 B

22ms
22ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE2Mjk3MjEyNzU5Mzk2NTA1Mw%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:13 GMT
an-x-request-uuid: 8c2d2a8f-4642-4797-b872-8cafc460fa2b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE2Mjk3MjEyNzU5Mzk2NTA1Mw%3D%3D
x-proxy-origin: 178.162.209.135; 178.162.209.135; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame BCF2 0
0 48ms
47ms Fetch
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv6By8EmSw7zJUr087U8ixmYKcvD2Z1Osj4qjFE0EYmp5Ilz-hVaBB44eRN2inJ-gRAKRxG6_woF2MCjEOJiMSNEfnVLMniXzmgrBCF4A6LGmUnNlGG4plQcohCE0s4J2Iebp_OrYMZGeiExcVr_zCSsKIc4RpWqQUP24CDLjXDqzxnv-EFGd31MAG3-A8ooszH99URAajXWzRazFqDBdDAA5CzPbP96vOzrhJgc3PZWeE4hlSXAn4KU8nJL7udl8NxUHcsPsRSFFGrnsb3dgMjN5N_sdKbNKilSfuXduNUzp4efILavecFoq9kR1VvCmRDhmGowqGVKtfuOjEVqYEvmcXHrdH9dl7IKaa0VhXdSR4wMdiliwRQCLAks_adtK_0wbmiuhiVsD5TEG66JqzDioP_m2MjeLXK_8HU7TDykrG9Qr9qU5fJ--qwvvR-jrIuN7ze-YYnidsF09AtxqJCwDFLW2xS2isdkwS4YaV0l3SrSAkJ1MlWg_184222CUvYlITj56gcKOQ-I71GMxSe8liDfcj4KSRHORrNCOCIcTJFBZMpXvHhOxuXNlVXD30AmW-ZgTQ6KwmOMK6OG7wP3FSoEc6Rc5cADed4eL_vequDAFFQ14bDLeixBhmrBHdRqOYs2P4igtaUK2jvUw6Xk8BG9XTUA8e2V6xTxh_lHjpFsncgSTQhvFwgLw3tjcuJ1d6DEqQ7aN85bZ2m4OvqcevT1K-t9tnhaMsKXMDNn4S-CzwYotA1nNnHlI6Vw054bTVABCTor3EJF8xeW6e6ZoK7Hx0JR8rrS-CsuqgTtXYw9O0jw66MQ5BjYJR3DpZg7pn59dEneX0jMYgKvExt20ACtmfRzyuAVloE9NrcKCvagl-7PWKZxFr_pCVrLkjYmB2CWGs_OCDMUqqAhBanRh63O4XUzryF7srM7x6thVzRjXfp7jjoqkj51In_czxhRH4CkV8YVuGWb0jBDHBZuW9I049rE0S8Hf0Sx4Er8SDCyLlxtm0lwQ48vDN70vEn9XG7LNfwNBdvwT0wwisLm7eoL9y6N1s0PBpncF-hcirtDaMusyw93EurEA0qTO0r5JbEYOvWsdfw1PFsk5WW-6pwU4krvbPkE0PjGiZH30Y5VCdODcDHsRAyS3gERLmyBWF1ohNEMCQinbzPSAY0dLjMTYR5OdPNslbbxQkbkILB9krqmfF87aJSU5kjExvZEsvASrjJ9xpJwBwu9JOrLWwUCMes6iy0CgZLQtfv5rJ9upyKtT-rqrMFcPi0VE1h-w8PtTedInpGmMU93TlGQgBIG_tXxvSempyZTGbA54EPQ-tQV1qoOY5ahdkbVkDHrvG-TTxUbegYgOXVi10U6h9l2PEMXhUP8Gnm_XvQ5bJHOkP6JhzTPgL0BbY8wNzUs57jABHYzxKqbHkt4jOYC_z2-ySVSgbW3XQBKDX0yrEQmxWa6IaLEPBCAZMKs0DkDK0kufTby5ieEn2m3TI2fQ&sai=AMfl-YQbRIm2f-a-vMd1ybPQ_gd_KxTWksg264jmzBEWZ5ScwVKMdUxzYjvPZdEE2PPpwIdFtcgUzIWlbZrXSTd5KpPefXwikj2BLgI2FsSXF3ruq7LiHgtwpJBF-HA93ZO-NvCx80tFuhS33dOINvtKRl8O-lYdUHrEviFfWN520OKW7orSTUD4MpXTe9qBrNVlmz7S3IfB83viimrTGxdOPgOz_ciVIOQv99XmGhXlsr1Y8n6y34DhCA7UjZ1l93en0MsaU8So7fwf9JHgva9sEKtAbb5VrXRgq7pTeyme6zqaH8LFkUgZItxXwdu3bHg_wORlwaYgMOdH8W-P_vwsN1u7euh-rryPE-Z1j5PmbJACVo8pUXg7e_H1Ls0odd-nBWQbSMwgCtUshjgMSi7j2wKk2eYFyU_7d-exHjejYAhnojn_B9dUecXFOc4IoafQeiCnMa4VSOMzp0inH9YwMH4lJYedwSfeVJ8yByD4eR4aiU9sd8UCNJFwmOkLnbArD2V3vGE&sig=Cg0ArKJSzG_DR3eqqFvNEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZWljYS1jYW1lcmEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=105&vt=11&dtpt=104&dett=2&cstd=0&cisv=r20240117.65384&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A78 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BFrfRpf2pZe-QDIWG7_UP_6aasAQAAAAAOAHgBAI&bg=!hYalhsnNAAa8BdJLnAU7ADQBe5WfOIxHwlOGDoxShHjURXP2N86WvbDcU2ld2RELGP28s99fvRWc-FF-txCdxGgdy9FKAgAAADdSAAAAAmgBB5kDCT3h5uW2Fp4CoIERGYl6rLFAcZ4eZOx5vZJRHldOKK-o0akfe1hvDaZBstS9WzmxnhOit_YgelZZ5qtYvArRcjjNfSQbxOMJIENkZn1Z5orQXOymYzDYiOPHv36SK7GSr4nkZG8vgHmP5kMfztKgQo5L8bRBOEXcH3vy6Z0its0JUKTNx0_rRr--yy3HSvp3fegbWl2CwbUJXuN4LuYpbjxdmiMuKVdCwYqgCSqr8hr0OU26MOSKhjusKvJIGOdmBfc5ZQ-oItfloDhItUJDiouOmUxov_VguVmTd7vC41gqty1cY8RFtaliTr0l659vV7h6eKdi4PhHGPhoFcVRWSBI79PxOVZopBQNbG-BqwEUoG9YDHMoIFCfPO6m09vefxxthg6GkHptAvAAn6xKgD2oNSIsAfjovOEtIXKwuS8i90cHu9Gx7sUUo1DubbSlhn-wsRhb5wrpgDrcblun2sJ0HMkK0mLDAOY1iPXWlSUlS3KXCv6PVn-J3KjKxAfhWJWNotEH1E_vnoRKTl2hGKtKmeRMV6LfPcKiakDgFcGl5MUfTZCEJIsX0jGDL-OWlBL_M2wY44qKRf_PPjIRKUQ1MPrevlRfZUAxgt_K5fmjmBJmAhIlC9WfdKj3_Cg3dYVapo0j69VMo6d3EYmSJG4fLYWrE6rjDyaME2cFV6e04rCPlUx5QzBiEEWDcZexGLiXCX-nENeP4pOCePBp5ATgqtuqtarbMkSOcKrgruqwjTvdsuoKXqvg4l-GFYUTGAHe-kHrgDMb40iNQkZghdv6nAenJQDU4gga0TXVVAKIfspAP350i3swE0rouWPmS1GEf1Rw-xT-UFHPh7nBlcykaXTLI7l3ah5IJFv2maPoxanweQQBsyQMi8mAGnQTTsdyeKJjx4q0QaOS8zg262KFtj2mo0cyhhSN42gZfI-ou9DNaUjwMayU0WoxE0jrIbv36zT9ayBgykIieEAjskCtCyGxYUtE_nXGlioPOG1gbFJqOjDUB-wM4ve1x4yS6PeDfen0BiRCTQ

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 step2.html Show response
id.globo.com/auth/realms/globo.com/protocol/openid-connect/3p-cookies/ Frame 8B1C 1 KB
698 B 819ms
818ms Document
text/html 34.110.201.227
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/3p-cookies/step2.html

Requested by

Host: id.globo.com
URL: https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/3p-cookies/step1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.201.227 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

227.201.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none'; frame-ancestors 'self' https://.globoi.com https://.globo.com https://local.globoi.com:8080 https://.apps.tsuru.gcp.i.globo https://.techtudo.com.br https://www.techtudo.com.br;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since, framework_version_header, system_version_header, platform_header, app_id_header, access_header, globoid_connect_apikey
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, HEAD
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate, no-transform, no-store
content-encoding: gzip
content-security-policy: frame-src 'self'; object-src 'none'; frame-ancestors 'self' https://*.globoi.com https://*.globo.com https://local.globoi.com:8080 https://*.apps.tsuru.gcp.i.globo https://*.techtudo.com.br https://www.techtudo.com.br;
content-type: text/html;charset=utf-8
date: Fri, 19 Jan 2024 04:42:15 GMT
p3p: CP="This is not a P3P policy!"
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BCF2 42 B
64 B 75ms
47ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkIon2k-19sLMAL706rmfRxfzKA1osp7nkKy952RjPeytYy6Y_674Nx3mttoIIiWLvdvhwoprSOb6BmjeF7jChym9nFqhpNF0JBsYUrtSerOrDfxz3i3hbMp2zWAQNjVSWMa5eNJ7FBpx539oQ-rpTPJqt&sai=AMfl-YRhSZ3XS-Lg4ZUJ0Igc5N3SYwrkCcU3fPrBUChw2UBRQC2SuGnUJId1vQgQZo7JmOFXvYiSHOI4bXXGc1_4XMRDZlZvpuV-y2KkwCA1aoYv4HREil2AJugoz9EHODqNa9TTE5XThFI-ytEMNIbA&sig=Cg0ArKJSzL0VGCmcojuREAE&cid=CAQSTgAvHhf_FCNgO8hKOF-kWtfdMgSFG1jDdO01_TGqSleyaCk7EA8UuZ859VyI4SVEshGiG2ACbuRqsleNQMU_jiHBxt6GWDnB_g24hczk_hgB&id=lidar2&mcvt=1000&p=197,315,447,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=159803363&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705639333544&rpt=132&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 388 KB
115 KB 36ms
27ms Script
application/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d01a1013f2e1428beeb351111924257112a89e6150eac8fd84c00b7a84e69b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
x-amz-version-id: H7a115WEqNXFo.QtnkpxpTVDitW2prKU
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: B8ZZY9N13TG4M3SA
age: 5916
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Z2evVRKhvl2lLvzmzr78LzbZQP72QJYadOMcG61yYMgC+Xo9KOlByRm9j9Blehy53fn9XUu36clj/FlvydqnOg==
last-modified: Mon, 15 Jan 2024 07:11:57 GMT
server: cloudflare
etag: W/"aa1d660c48c990b14bcbd31be164beca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 847c68f829bb4d2b-FRA
expires: Fri, 19 Jan 2024 08:42:15 GMT

GET
H2

200

https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=revista-galileu%40apps.globoid&redirect_uri=https%3A%2F%2Frevistagalileu.globo.com%2Flogin-callback.ghtml&state=5d0...
https://revistagalileu.globo.com/login-callback.ghtml

345 B
854 B

237ms
237ms

Document
text/html

201.7.177.250
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://revistagalileu.globo.com/login-callback.ghtml

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3efac754de48beab3d6856c94bd81c7c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

201.7.177.250 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=10
content-encoding: gzip
content-length: 244
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 04:42:16 GMT
expires: Fri, 19 Jan 2024 04:42:26 GMT
show-page-version: 0
vary: X-Forwarded-Proto, User-Agent, Accept-Encoding
via: 2.0 CachOS
wall-blocked-session: 0
wall-subscription-level: 0
wall-usl-status
x-bip: 400608133 cmah19lx40ca03.globoi.com
x-cache-status: MISS
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-location-rule: ghtml
x-mobile: desktop
x-request-id: 43ee2afe-5599-42eb-9c86-f41ebf19271b
x-served-from: rpaas-multi-domain-edg2-prod, Show Services GCP
x-thanos: 0A819C85
x-virtual-host: revistagalileu.globo.com
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since, framework_version_header, system_version_header, platform_header, app_id_header, access_header, globoid_connect_apikey
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, HEAD
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, must-revalidate, max-age=0
content-length: 0
date: Fri, 19 Jan 2024 04:42:15 GMT
location: https://revistagalileu.globo.com/login-callback.ghtml#error=login_required&state=5d01a827-88fe-4aea-8682-5951a343d696
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
240 B 24ms
8ms XHR
text/plain 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://revistagalileu.globo.com
date: Fri, 19 Jan 2024 04:42:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Frevistagalileu.globo.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Frevistagalileu.globo.com%2F&rid=esp&cc=1

85 B
194 B

124ms
124ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Frevistagalileu.globo.com%2F&rid=esp&cc=1
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 91e63df1ec370b26aa26b16053fb541e05eb5567dc4ef4e4b1662b68d6b9fda2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-bHtRw57pmA6+M29jklVYXUtjRaY"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 19 Jan 2024 04:42:15 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://revistagalileu.globo.com
location: /esp?url=https%3A%2F%2Frevistagalileu.globo.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D973 14 KB
6 KB 42ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=revistagalileu.globo.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 310944
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
340 B 101ms
30ms XHR
application/json 54.194.101.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.101.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-101-149.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7fcb60334e3a75bb9ee55518a322dcf7b43a66f0a1c7862de1936e86de915a2e

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:15 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache
x-server: 10.45.8.232
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame D973
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=revistagalileu.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=WGHDM3xSOWlZdkxodEx4UkRpK3UwNzVjUE9XeGZxUmpYNE12RTFwb0pidmlQNnh3bnp5RmJtTTZIR3hiR3ZMQU52U2Q5Zkl6amxRMWJGdGhGUDNIRTJYMS9Ea05mV1Y1VGZJY2hIYWY0WWliR3hkV05Gc0JNd3BSTmxSeG...

417 B
651 B

15ms
14ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=WGHDM3xSOWlZdkxodEx4UkRpK3UwNzVjUE9XeGZxUmpYNE12RTFwb0pidmlQNnh3bnp5RmJtTTZIR3hiR3ZMQU52U2Q5Zkl6amxRMWJGdGhGUDNIRTJYMS9Ea05mV1Y1VGZJY2hIYWY0WWliR3hkV05Gc0JNd3BSTmxSeGY1bXRuR3d3a3k4dVo0VFJNVDY0eGZ6MndhN2ZwY09PSDFQc2xlekZLWWZpWGlZcG9DdDRBdEdvTE52REVmU0xMdVFYMFlJaDI0Y20vck9zSjV1bzRNb1dFQ0dnM0xQYUt3RS9HVGZQTjNGR0FDRU5CZmVVblZSWUhFb2g4bERNWStJeksvQXNibStsQ3Byckx0bld3bVR5SWJiVGYxUT09fA&cppv=2

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f6dfc7a4b2d5174583d0decd3bd014f91345f6215e3bfbaf60513cc3173c5459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1242158
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=WGHDM3xSOWlZdkxodEx4UkRpK3UwNzVjUE9XeGZxUmpYNE12RTFwb0pidmlQNnh3bnp5RmJtTTZIR3hiR3ZMQU52U2Q5Zkl6amxRMWJGdGhGUDNIRTJYMS9Ea05mV1Y1VGZJY2hIYWY0WWliR3hkV05Gc0JNd3BSTmxSeGY1bXRuR3d3a3k4dVo0VFJNVDY0eGZ6MndhN2ZwY09PSDFQc2xlekZLWWZpWGlZcG9DdDRBdEdvTE52REVmU0xMdVFYMFlJaDI0Y20vck9zSjV1bzRNb1dFQ0dnM0xQYUt3RS9HVGZQTjNGR0FDRU5CZmVVblZSWUhFb2g4bERNWStJeksvQXNibStsQ3Byckx0bld3bVR5SWJiVGYxUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 321826
content-length: 0
expires: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
494 B 67ms
29ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 77b204d1bb0ae1622ef8ef5ca7a1071c6e0777454f9c2f5ef859612cce97fff0

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: caed3e16bdf3eccc64ba456a6141a5d0
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
content-length: 221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
60 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXVN776&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6MZG9W

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ad112a46f1d5e0ba1a7298e264f40e186d1f4d111091197a1a7f0cbe09d09df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60963
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jan 2024 04:42:15 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
60 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6MZG9W

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45d09bfa255aa651245bfd157429a2e2f8476d422ec8db62ad3067d5185a311a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61051
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jan 2024 04:42:15 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
59 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3GJS46&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6MZG9W

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d27960219ae7e67a78dd8c91e3cedfb2646893bd4553c806830419931f80c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60114
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jan 2024 04:42:15 GMT

GET
H2 200 ivc.js Show response
gadasource.storage.googleapis.com/ 71 KB
24 KB 61ms
13ms Script
text/plain 2a00:1450:4001:800::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gadasource.storage.googleapis.com/ivc.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:36:56 GMT
content-encoding: gzip
age: 319
x-guploader-uploadid: ABPtcPrPn9qvf3v9eO_nzbDiUGmCTsH4fpozUxdN1TLNAO2lJjEoRL0QlIJDh0C61SIj40XFstU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24321
last-modified: Mon, 02 Sep 2019 19:50:51 GMT
server: UploadServer
etag: "cdaa61cbc24c48191196b45b31a7e18b"
vary: Accept-Encoding
x-goog-generation: 1567453851562424
x-goog-hash: crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
content-type: text/plain
cache-control: public, max-age=3600
x-goog-stored-content-length: 24321
accept-ranges: bytes
expires: Fri, 19 Jan 2024 05:36:56 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7aa4d5de5abdae4603540b48171e45742399584aa06f8ddefe4bdc547de20e35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Jan 2024 04:42:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57003
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: xeNopgbKl2T9JZZUCLkJnB9Xlt6SGfVZifxF/+aqxAADDW7LzzofafhrpD88Vld+HbJU3ynxvUJ0U7+0EFF/+g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6035227/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

9ms
9ms

Script
application/javascript

18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 09:56:33 GMT
content-encoding: gzip
via: 1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 67542
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 1NAwJTVgaplP639A6JnRQhsqQpcnC1tCgZS_85bImVWHvfRn-zM5nA==

Redirect headers

date: Fri, 19 Jan 2024 04:42:15 GMT
via: 1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: RzNXz5Us05jnzHYPX9E8dtylMdday1-y4b1wETxqsa2AekxGPLltbA==

GET
H2 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 162 KB
46 KB 129ms
90ms Script
application/javascript 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c60ef6ae63c65ef633b240c98cabe4d6998ba4e031887d6f6d1a84fea4532b14

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time: 2ms
date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 19 Jan 2024 04:14:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-envoy-upstream-service-time: 10
accept-ranges: bytes
cf-ray: 847c68f7fba86646-AMS
alt-svc: h3=":443"; ma=86400
content-length: 47276

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/editoraglobonetwork/ 855 KB
164 KB 28ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 336ef5154a9c676d1b12e061f7fdd7e732bc3bffad24b5c565c3b9c5b9dc60f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: IEuWKeLx2UYTLwX03.MIQtsvBDHUelhf
content-encoding: gzip
via: 1.1 varnish
date: Fri, 19 Jan 2024 04:42:15 GMT
x-amz-request-id: VAANGXRQFC8MG5AC
age: 28598
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167440
x-amz-id-2: Cf6bk0upcThsgbao5ncnpjqlF/yHEI0c9B2tlW2MJFP4E6xTIBHW0+bWv4el6USM9GKu2aG4KnM=
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Thu, 18 Jan 2024 20:45:36 GMT
server: AmazonS3
x-timer: S1705639336.871066,VS0,VE0
etag: "690cc6f4f947a4f52e06087c02142e3b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 64
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 12

GET
H2 200 lib-pub-ext-tags-galileu-latest.js Show response
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/galileu/prod/ 2 KB
1 KB 249ms
248ms Script
application/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/galileu/prod/lib-pub-ext-tags-galileu-latest.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6MZG9W
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: e3f422ae8bc9e4874e20a1d051cc2cde9a2e2f0e84d8a4ef84a82d90b3b5cc79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: gzip
x-openstack-request-id: txaf9c573f3b5a4024bbf3f-0065a9fda7
last-modified: Tue, 07 Mar 2023 22:44:39 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1678228326.000000
content-type: application/javascript
x-timestamp: 1678229078.60381
cache-control: public, max-age=180
x-trans-id: txaf9c573f3b5a4024bbf3f-0065a9fda7
x-request-id: 4ee8acda-4345-4f44-a500-4f3e54c3a0c7

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 66ms
66ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501753496430904&correlator=2247863080543079&eid=31079956%2C31080257%2C31079724&output=ldjh&gdfp_req=1&vrg=202401110101&ptt=17&impl=fif&iu_parts=85042905%2Cedgalileu%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=3&didk=3389147196&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&abxe=1&dt=1705639335642&lmt=1705639335&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Frevistagalileu.globo.com%2F&vis=1&psz=1200x316&msz=266x0&fws=132&ohw=266&psts=AOrYGsljxsWtZ2Q4TT-UZDZzyou1RSUjyJYU5ZB1px2C9pqu4VoWleVtWB3QsX0wxyr61-EFu4QGSY8u1YUj_xxpsBck4A&ga_vid=2089446785.1705639333&ga_sid=1705639333&ga_hid=810549604&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY_JmbgNIxSABSAghkEjsKCnB1YmNpZC5vcmcSJDFiZmE0MjlhLTUzY2UtNDAzMi1iNTAzLTQ2ZTM4ZDg2NWQxZhifmpuA0jFIABIdCg5lc3AuY3JpdGVvLmNvbRj8mZuA0jFIAFICCGQSFwoIcnRiaG91c2UY_JmbgNIxSABSAghkEhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhQKBW9wZW54GPyZm4DSMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YnqubgNIxSABSAghq&dlt=1705639330513&idt=1252&prev_scp=Editora.pos%3DBox-Chamada-1&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D5%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1705639332142%26prmtvvid%3D%26prmtvwid%3D&adks=1251676767&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdbe9f6df71c07f837f4278c5e1cc6822db49fb3c78224c664260ee6bf63d5e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12205
x-xss-protection: 0
google-lineitem-id: 5512994092
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138453961614
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 70ms
69ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501753496430904&correlator=2385521459069195&eid=31079956%2C31080257%2C31079724&output=ldjh&gdfp_req=1&vrg=202401110101&ptt=17&impl=fif&iu_parts=85042905%2Cedgalileu%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=4&didk=3389147194&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&abxe=1&dt=1705639335646&lmt=1705639335&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Frevistagalileu.globo.com%2F&vis=1&psz=1200x316&msz=266x0&fws=132&ohw=266&psts=AOrYGsljxsWtZ2Q4TT-UZDZzyou1RSUjyJYU5ZB1px2C9pqu4VoWleVtWB3QsX0wxyr61-EFu4QGSY8u1YUj_xxpsBck4A&ga_vid=2089446785.1705639333&ga_sid=1705639333&ga_hid=810549604&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY_JmbgNIxSABSAghkEjsKCnB1YmNpZC5vcmcSJDFiZmE0MjlhLTUzY2UtNDAzMi1iNTAzLTQ2ZTM4ZDg2NWQxZhifmpuA0jFIABIdCg5lc3AuY3JpdGVvLmNvbRj8mZuA0jFIAFICCGQSFwoIcnRiaG91c2UY_JmbgNIxSABSAghkEhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhQKBW9wZW54GPyZm4DSMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YnqubgNIxSABSAghq&dlt=1705639330513&idt=1252&prev_scp=Editora.pos%3DBox-Chamada-3&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D5%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1705639332142%26prmtvvid%3D%26prmtvwid%3D&adks=396478897&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

deec20c33558113e08cffdf1c4b8b2df7ce13dba16bb2412c5a1c936dcb4b4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12264
x-xss-protection: 0
google-lineitem-id: 5512994092
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138453953418
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 55ms
55ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501753496430904&correlator=3534404925713955&eid=31079956%2C31080257%2C31079724&output=ldjh&gdfp_req=1&vrg=202401110101&ptt=17&impl=fif&iu_parts=85042905%2Cedgalileu%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&didk=4212400324&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&abxe=1&dt=1705639335648&lmt=1705639335&adxs=100&adys=5765&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Frevistagalileu.globo.com%2F&vis=1&psz=1600x45&msz=1400x0&fws=0&ohw=0&psts=AOrYGsljxsWtZ2Q4TT-UZDZzyou1RSUjyJYU5ZB1px2C9pqu4VoWleVtWB3QsX0wxyr61-EFu4QGSY8u1YUj_xxpsBck4A&ga_vid=2089446785.1705639333&ga_sid=1705639333&ga_hid=810549604&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY_JmbgNIxSABSAghkEjsKCnB1YmNpZC5vcmcSJDFiZmE0MjlhLTUzY2UtNDAzMi1iNTAzLTQ2ZTM4ZDg2NWQxZhifmpuA0jFIABIdCg5lc3AuY3JpdGVvLmNvbRj8mZuA0jFIAFICCGQSFwoIcnRiaG91c2UY_JmbgNIxSABSAghkEhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhQKBW9wZW54GPyZm4DSMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YnqubgNIxSABSAghq&dlt=1705639330513&idt=1252&prev_scp=Editora.pos%3DDhtml&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D5%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1705639332142%26prmtvvid%3D%26prmtvwid%3D&adks=2192286088&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68bad85318721e59323bc71cf782ddc43d626072cfbf5a666198dd44d93bcd52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12117
x-xss-protection: 0
google-lineitem-id: 5770992144
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138389619062
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 8ms
8ms Image
text/plain 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035227&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705639335706&ns_c=UTF-8&c7=https%3A%2F%2Frevistagalileu.globo.com%2F&c8=Galileu&c9=
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
via: 1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: 8jtXr-4fl_Ddn_KJWF_2rJYRgoj46puTCaKCpgdAbALh1peh1JmrrA==
x-cache: Miss from cloudfront

GET
H2 200 settings.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/ 3 KB
2 KB 250ms
250ms Script
application/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: gzip
x-openstack-request-id: tx78ba8e7664e84c53901e8-0065a9fda7
last-modified: Sat, 02 Sep 2023 17:44:45 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1693675470.000000
content-type: application/javascript
x-timestamp: 1693676684.90264
cache-control: public, max-age=
x-trans-id: tx78ba8e7664e84c53901e8-0065a9fda7
x-request-id: a6aaa603-8be2-471d-941e-935b1ed2f9a1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0E66 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-2tXTquC29Tw83aKNDLLbZ11U9imkdP9fO46QdOFAdKdElHOICIUCvBz5teOJaHWgOmgtskPJfmaDizcAfKnPCh9rw-3GDGtCXWNlzykSL66fInmeIkeERCClNI00hxcSlgXezFzrw-22m-s6LiH_1r7soHJK5PuglDZEHCJrMdtL4AFYnZaTAF0FPyOxs_skub7TuQYUXOdpr7vjUXa-ruZHeJbVB83QMuWVA5DGcdicpTgVFlco1r5dJbAPeIinQDg1it_izEz3TA3MQgjLAGuT7wfmoLnzW_CQMb6k8RVSO9bE9W1sTAD8Qhis_VytyeZsTTbW4cYRixD6Jnd3zADwHiY-mKuuhHmrpdPayaZDf03-9hQgSCA&sai=AMfl-YRqZPlouhCpcmj0v9uINPLK9Lz-LECJ8LBiSkZ_L0kzDbRkjj3Htchi2KInkEQaz20MsP4CvAg9ROBFQ3lorqlEsv1T4Gz4SpiW60Ppg4QlGDk032FwUHoI0lzewg&sig=Cg0ArKJSzO4FgwzFL-c3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 5384.js Show response
cnt.trvdp.com/js/324/ Frame 0E66 3 KB
2 KB 43ms
8ms Script
application/javascript 18.245.31.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/324/5384.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 103e1a798d685441cce9f8bc04271bf60122e8ac367eced7d31750c0266cd216

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 19:36:58 GMT
content-encoding: gzip
via: 1.1 f99e0a5708c6297d4aa91b3e4794707e.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 17:40:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 2797518
etag: W/"7ee34ec429e7fb5a8356b971fdf337ae"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: uxHBpi2k0aXJtoBFYQUZnt9bFur0i31U6bUtuGlfotIGsuKIolqqHQ==

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E66 206 KB
65 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 04:42:15 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame C508 199 B
298 B 66ms
20ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Fri, 19 Jan 2024 04:42:15 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
579 B 397ms
123ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 Lille, France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 486 B
843 B 199ms
160ms Fetch
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=266816&zone_id=1321690&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=1bfa429a-53ce-4032-b503-46e38d865d1f%5E1&rf=https%3A%2F%2Frevistagalileu.globo.com%2F&tg_i.domain=revistagalileu.globo.com&tg_i.page=https%3A%2F%2Frevistagalileu.globo.com%2F&tg_i.adunit=85042905_edgalileu%2Fhome&tg_i.aupname=%2F85042905.*%26.*super.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fedgalileu%2Fhome%23pub-super-2&tk_flint=dmpbjs_v8.23.0&x_source.tid=ea864e4f-d0c9-4ae9-a19d-634bce6df384&l_pb_bid_id=4d2effab606f9f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=afc32707-ac27-455d-9253-931086285cd9&rp_maxbids=1&p_gpid=%2F85042905%2Fedgalileu%2Fhome%23pub-super-2&slots=1&rand=0.816997935215368
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 06469997eb708258fe636781e8829c5b4613c21047aa6a66fe38b076d9b72848

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:15 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 486
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
65 B 580ms
542ms Fetch
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
202 B 49ms
23ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=77768590055&lsavail=1&bundle=mXihpV9yT1dJWmdPVUZNRTR4NElINUV5dGJ6MG9veFpQVXpIMVRqTzFmV3o3Q0FOcmc1RXB4cUs0NURIWU9zNHBnWWR2YUplRlpYRDBPa1oxc2h6ZHBnUWV3czZWRmZtbiUyQkdZZkJNUWJzQzhPb0syZ294dlFwdWtHWUVDR3pkVXhxMktnOE9qeGlhREJPcTJOenhRYjNidTV6ZyUzRCUzRA

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://revistagalileu.globo.com
date: Fri, 19 Jan 2024 04:42:15 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
202 B 68ms
44ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=29972621904&lsavail=1&bundle=mXihpV9yT1dJWmdPVUZNRTR4NElINUV5dGJ6MG9veFpQVXpIMVRqTzFmV3o3Q0FOcmc1RXB4cUs0NURIWU9zNHBnWWR2YUplRlpYRDBPa1oxc2h6ZHBnUWV3czZWRmZtbiUyQkdZZkJNUWJzQzhPb0syZ294dlFwdWtHWUVDR3pkVXhxMktnOE9qeGlhREJPcTJOenhRYjNidTV6ZyUzRCUzRA

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://revistagalileu.globo.com
date: Fri, 19 Jan 2024 04:42:14 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
376 B 287ms
253ms Fetch
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 486 B
844 B 191ms
156ms Fetch
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=266816&zone_id=1321690&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=1bfa429a-53ce-4032-b503-46e38d865d1f%5E1&rf=https%3A%2F%2Frevistagalileu.globo.com%2F&tg_i.domain=revistagalileu.globo.com&tg_i.page=https%3A%2F%2Frevistagalileu.globo.com%2F&tg_i.adunit=85042905_edgalileu%2Fhome&tg_i.aupname=%2F85042905.*%26.*super.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fedgalileu%2Fhome%23pub-super-3&tk_flint=dmpbjs_v8.23.0&x_source.tid=ed71e59c-ccdb-4241-b717-78cb78174fe2&l_pb_bid_id=14b12adc1d50698&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2b75801a-1c78-4b90-970d-71fed977d344&rp_maxbids=1&p_gpid=%2F85042905%2Fedgalileu%2Fhome%23pub-super-3&slots=1&rand=0.6634235912032906
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 76d7ebaad0b4e2e7ee2d3f5de29687ebc4c2421c15637229eebbd5a7e52c18d8

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:15 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 486
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
574 B 371ms
105ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 Lille, France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
7 KB 197ms
196ms Fetch
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

35fc7cc61c8f3aaf490eb88db3846e0664874788df7780ce58a9c8d13d761fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: gzip
an-x-request-uuid: 22f74385-3845-4c98-ab5f-578586dd9db0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.135; 178.162.209.135; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
574 B 382ms
120ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 Lille, France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
65 B 415ms
386ms Fetch
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
202 B 41ms
22ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=72037796112&lsavail=1&bundle=mXihpV9yT1dJWmdPVUZNRTR4NElINUV5dGJ6MG9veFpQVXpIMVRqTzFmV3o3Q0FOcmc1RXB4cUs0NURIWU9zNHBnWWR2YUplRlpYRDBPa1oxc2h6ZHBnUWV3czZWRmZtbiUyQkdZZkJNUWJzQzhPb0syZ294dlFwdWtHWUVDR3pkVXhxMktnOE9qeGlhREJPcTJOenhRYjNidTV6ZyUzRCUzRA

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://revistagalileu.globo.com
date: Fri, 19 Jan 2024 04:42:15 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 472 B
1010 B 158ms
129ms Fetch
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=266816&zone_id=1321686&size_id=15&eid_pubcid.org=1bfa429a-53ce-4032-b503-46e38d865d1f%5E1&rf=https%3A%2F%2Frevistagalileu.globo.com%2F&tg_i.domain=revistagalileu.globo.com&tg_i.page=https%3A%2F%2Frevistagalileu.globo.com%2F&tg_i.adunit=85042905_edgalileu%2Fhome&tg_i.aupname=%2F85042905.*%26.*retangulo.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fedgalileu%2Fhome%23pub-retangulo-1&tk_flint=dmpbjs_v8.23.0&x_source.tid=8da02dd5-77be-4e02-993b-848f48142f9b&l_pb_bid_id=26596d43d159c91&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=56c66ca5-4104-4cb7-a803-ec5355f15d12&rp_maxbids=1&p_gpid=%2F85042905%2Fedgalileu%2Fhome%23pub-retangulo-1&slots=1&rand=0.5073371384775889
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 59edebe61ae8ae6b2e331e50bec4e8bff6197c073732a309cb9ecaf9e63e25a7

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:15 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 472
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
65 B 428ms
401ms Fetch
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 17 KB
7 KB 159ms
159ms Fetch
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

69c4e682efd05e113f5e7801648cec8560068626c6f8f9f2bb5ca4dedfbb58f9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: gzip
an-x-request-uuid: 580f337a-8bfa-49ee-a57c-a6349406ea7d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.135; 178.162.209.135; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
346 B 280ms
21ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 Lille, France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:15 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
203 B 37ms
22ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=39047629524&lsavail=1&bundle=mXihpV9yT1dJWmdPVUZNRTR4NElINUV5dGJ6MG9veFpQVXpIMVRqTzFmV3o3Q0FOcmc1RXB4cUs0NURIWU9zNHBnWWR2YUplRlpYRDBPa1oxc2h6ZHBnUWV3czZWRmZtbiUyQkdZZkJNUWJzQzhPb0syZ294dlFwdWtHWUVDR3pkVXhxMktnOE9qeGlhREJPcTJOenhRYjNidTV6ZyUzRCUzRA

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://revistagalileu.globo.com
date: Fri, 19 Jan 2024 04:42:15 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 472 B
831 B 198ms
173ms Fetch
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=266816&zone_id=1321686&size_id=15&eid_pubcid.org=1bfa429a-53ce-4032-b503-46e38d865d1f%5E1&rf=https%3A%2F%2Frevistagalileu.globo.com%2F&tg_i.domain=revistagalileu.globo.com&tg_i.page=https%3A%2F%2Frevistagalileu.globo.com%2F&tg_i.adunit=85042905_edgalileu%2Fhome&tg_i.aupname=%2F85042905.*%26.*retangulo.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fedgalileu%2Fhome%23pub-retangulo-2&tk_flint=dmpbjs_v8.23.0&x_source.tid=a5f3cc7c-7f07-40ce-af6c-3f6b09b650cf&l_pb_bid_id=36c548e85d4eef9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b5643327-5667-49dd-9a82-563d4cdbb6b5&rp_maxbids=1&p_gpid=%2F85042905%2Fedgalileu%2Fhome%23pub-retangulo-2&slots=1&rand=0.6386796260457586
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5f3cc581dad157468071a31c4b7a4cf09837da6b22c5940a4e242b889da21196

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:15 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 472
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 252 KB
87 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-J1Q87VHPK9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e63f6bb255a789ca87e68dbf09e81a22fa7842f6b11aae2538ddeddae4f4cb00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 Jan 2024 04:42:15 GMT

GET
H3 200 container.html Show response
447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C12F 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:13 GMT
expires: Sat, 18 Jan 2025 04:42:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D8A8 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:13 GMT
expires: Sat, 18 Jan 2025 04:42:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lib-analytics-latest.js Show response
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/ 14 KB
5 KB 225ms
225ms Script
application/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 877c319b8a36e65249be764ce80ef3891edd45848ba3627b95c7499feb0be48d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: gzip
x-openstack-request-id: tx3c0b3e21b3964075a5a49-0065a9fd60
last-modified: Tue, 23 May 2023 21:09:44 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1684872817.000000
content-type: application/javascript
x-timestamp: 1684876183.22388
cache-control: public, max-age=180
x-trans-id: tx3c0b3e21b3964075a5a49-0065a9fd60
x-request-id: 95be0e95-6622-46bc-b4dc-ca9e615b85a9

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 23 KB
6 KB 35ms
11ms Script
application/x-javascript 2a02:26f0:480:ba2::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:ba2::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:42:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 11:02:02 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6055
Expires: Fri, 19 Jan 2024 05:42:15 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 19 KB
4 KB 142ms
118ms XHR
application/json 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=VnaP3rYVKc

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbea554bb1806a9a21b623107d57ec7f98c46f02125064a0d3959c8bd2f3f4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: ve066sm5d9
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 847c68f90f381e4e-FRA

GET
DATA 200
OK truncated
/ Frame 0E66 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fd11fc9997413d84b25309688c9f8c7b73dfc4cc1a4e8d0242129d940f43564

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C12F 24 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 4198328372302073493
tpc.googlesyndication.com/simgad/ Frame C12F 34 KB
34 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4198328372302073493?

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e871d0f41eb74ab9b98534f4bc1d3baa2f4d1860d3f263c194bf00ca8ad025c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 03:14:21 GMT
date: Fri, 19 Jan 2024 03:14:21 GMT
x-content-type-options: nosniff
age: 5274
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35204
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 13:22:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C12F 206 KB
65 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 04:42:15 GMT

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 126 B
880 B 89ms
20ms XHR
application/json 141.94.254.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.254.117 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy07.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 86

GET
H2 200 compass-multimedia-sdk.js Show response
sdk.mrf.io/statics/ 8 KB
3 KB 67ms
66ms Script
application/javascript 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=880
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09088724c279c63fb21bb8c0576f4b30f94b2f78e5257e037460c14cba9d01bf

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: gzip
via: 1.1 00280e18dbb2b8d7b3cfa8b0e75bdcdc.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: LHR61-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jan 2024 10:53:48 GMT
server: cloudflare
etag: W/"fe275c6dff73f3baac06c8f68edb6e69"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 847c68f93ccf6646-AMS
x-amz-cf-id: QlftYGVLS02XN4_A1BGby7gZyrryPOTcDd4SCQgUMBmDacDbr2SWRw==

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D8A8 24 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 4062117195041795733
tpc.googlesyndication.com/simgad/ Frame D8A8 101 KB
101 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4062117195041795733?

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8d41ca2f2833d7f4c504e0f4c821514a1e3d36c6bce946a2241e06df0219c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 03:14:21 GMT
date: Fri, 19 Jan 2024 03:14:21 GMT
x-content-type-options: nosniff
age: 5274
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103023
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 20:22:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D8A8 206 KB
65 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 04:42:15 GMT

GET
H/1.1 200 i
ivccf.ivcbrasil.org.br/ 43 B
461 B 1218ms
363ms Image
image/gif 34.209.32.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivccf.ivcbrasil.org.br/i?stm=1705639335895&e=pv&url=https%3A%2F%2Frevistagalileu.globo.com%2F&page=Galileu&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=133&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=f177d8c6-a4a0-41af-8d57-8934508afa40&dtm=1705639335894&vp=1600x1200&ds=1600x5813&vid=1&sid=62b63b07-f0c6-41b5-95cb-bdf2e178e674&duid=a8fb2d3c-3a79-4846-9aad-024e45cd5d19&fp=4127879825
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.209.32.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-32-186.us-west-2.compute.amazonaws.com
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:42:16 GMT
Server: Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 44ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-J1Q87VHPK9&gtm=45je41h0v884772483z8893492913&_p=1705639333133&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2089446785.1705639333&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705639335&sct=1&seg=0&dl=https%3A%2F%2Frevistagalileu.globo.com%2F&dt=Galileu&en=page_view&_fv=1&_ss=1&ep.type_page_type_product=home%20-%20&ep.product=GalileuBS&ep.article_id=%2F&ep.editorial=&tfd=6689
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-J1Q87VHPK9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1896257967106140 Show response
connect.facebook.net/signals/config/ 142 KB
36 KB 69ms
69ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1896257967106140?v=2.9.141&r=stable&domain=revistagalileu.globo.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f838bdcceb22d60990ebc30b446e44c0e046ed3cb74ffb87dd7a896449d25d1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Jan 2024 04:42:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: cln3r/8d3abb/EoZGhQHuQm/ZXNNMuqrTjmkq3R7vM2aMkrOqsSjEJotuJ5laLtE0AcgFOPS/SXbV6LwpZxtqw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C12F 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4ddDONFLQpSWBceZbC0IvTNoKiV9WzOkwwBUgPVdc4A1bPxcJbVOXB6XpYZDA_IbVvmUF5prOJEP0Ih-JakQmpjplpYckf5DLEsej5Q0ajCbSA9qoq-1IP9CYyfKvUTmnH8Ks3WfxYcQ7x1E55fSLn3EdJMTd-fe9bdhHBeIih-qZQBOAt5y-vH8PKCavWp-Q9CdfFIQRhq1WHgcexeva3mIYarWNW1OIl2U-RvrFOH2nzZc1kgJ16l7cJ2-jiQf8u8yHxSE7o1YfuDDYB02dSC4CNMMU1s6tutNC_UmyVxvzvxDoLKnFlD_kh5LC0SKzuGUfNK4GzMkmM-M43_7C-8-1XTxzJ27_qiYqHaaABw&sai=AMfl-YT21l74bu9-B-RFrtN9U8w4Lae-SjngLueLccRlRnJARBKte5oWpwWrZv1ydKdjOXb9IczG6fV7qneNoOlEK-N0Xf2iFB587l5XqT7IOxMWKRxEw-rtcKtBjF9Y5w&sig=Cg0ArKJSzEnGg_he8AHjEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame C12F 16 KB
16 KB 230ms
230ms Font
application/font-woff2 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Origin: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
x-openstack-request-id: tx218ac623dfe14163bbaf1-0065a9fda5
last-modified: Tue, 25 Jun 2019 17:36:47 GMT
x-thanos: 0AB24047
etag: 365c53275ca5dad1584b7e0bd3a46c1e
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484206.27623
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16172
x-trans-id: tx218ac623dfe14163bbaf1-0065a9fda5
x-request-id: 8661d600-b6ac-45be-8881-d1870fc7a4b6

GET
H2 200 regular.woff2
s3.glbimg.com/cdn/fonts/proximanova/ Frame C12F 20 KB
21 KB 234ms
234ms Font
application/font-woff2 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/proximanova/regular.woff2
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Origin: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
x-openstack-request-id: tx1dc7e384bd97460791b2f-0065a9fda5
last-modified: Tue, 25 Jun 2019 17:42:57 GMT
x-thanos: 0AB24047
etag: a28c6bf751afd0731507d904609fe5da
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484576.57450
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20904
x-trans-id: tx1dc7e384bd97460791b2f-0065a9fda5
x-request-id: b1f176ba-dfdf-46f0-898d-f722f0c47a3b

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C12F 0
0 49ms
48ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKDNpGbwCw9f1IpLDO7IdSu85RiMq2BUD4UQ8M14VMcf2PDnvxw9HKEm2i2S0eWbs15ox19YT_tE60s825eO4k4o3vVcJ2Y0elTzztckX5L952Yktap_h1Yg3Iq5uoLYYHNi8GqS3PJ0qPFMq7sUyRiRnZWZDoumqmO2Z-H6NIgDZL-v3pqnKj2bmsV8LctDwXpJrgS-ovMk7GZdYUTlDf30lUMvHH60yfYBNsLjKtkzegCf-CAsPP2M6PuCnwDYUXr4eQJKgDkVQx1XwNH_aYFEbFWNIet9TNwhRBDNFwuM7YusJX_Aw6RU9DnEbTBXfcYq2hLkpxWSbZLOrARMNPo1br_uTrUiu339JU19BNZE-r&sai=AMfl-YTEV-6iGnUJtHUaDvAMR5iObJlczvcKNiT7pKS_NgoosRvH4MJPrJKfe_K_0zht9II6HUq1jCNqjeEx8GYYd5l7s-3kjK6J83-tlXYCoUdB8VJqQ9QcwJuslruaXg&sig=Cg0ArKJSzLyxDb805AXlEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Jan 2024 04:42:15 GMT

GET
DATA 200
OK truncated
/ Frame C12F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f757c66467ccfee3afad85175905468ec2994b09a26c3f7b8966d05834efc9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tm13574.js Show response
tag.navdmp.com/ 18 KB
6 KB 44ms
17ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13574.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/galileu/prod/lib-pub-ext-tags-galileu-latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a03b95106083a9a0c3e7797983627487d10cc59a1a4d5b576aecb19464d9fc5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 26 Dec 2023 13:49:40 GMT
server: cloudflare
age: 2340
etag: W/"658ad9f4-47ce"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 847c68fa089030d6-FRA
expires: Fri, 19 Jan 2024 05:03:16 GMT

GET
H2 200 dmp.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/ 6 KB
3 KB 225ms
225ms Script
text/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/galileu/prod/lib-pub-ext-tags-galileu-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: d6c7e6ad800fb94afd9cfaf6dd1ff4f2022b21cd80b4cda59cda258730ee86d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
x-openstack-request-id: tx0dc7f1c487704f3d91a75-0065a9f791
last-modified: Thu, 28 Dec 2023 18:50:20 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1703789419.59317
cache-control: max-age=18000
x-trans-id: tx0dc7f1c487704f3d91a75-0065a9f791
x-request-id: 47af988b-f592-4352-b64d-9ed43911e3ed

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 64 KB
11 KB 61ms
13ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-12842-2/CT-1047
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/galileu/prod/lib-pub-ext-tags-galileu-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 03:18:15 GMT
content-encoding: gzip
via: 1.1 google
age: 5041
x-guploader-uploadid: ABPtcPrvN8uKh0XUwkiZygNJoOc28r0HeMEVRHwPWJK8CTkVNZUkhPt0wqpZi195fgs8g86HsojJswYB3Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11157
last-modified: Wed, 16 Feb 2022 19:26:59 GMT
server: nginx/1.8.1
etag: "7baa2c88b7abc79944366989908f0a4f"
vary: Accept-Encoding
x-goog-generation: 1645039619237034
x-goog-hash: md5=e6osiLerx5lENmmJkI8KTw==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 11157
accept-ranges: bytes
expires: Fri, 19 Jan 2024 05:18:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D8A8 0
0 48ms
48ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssH9dh50KRGOkgQwUhY-lzI9ODYHiqkO5hjDJmBgROtSA-GRNrg9vR82m8dDqLE9NWT6_2MmORg5oDlealwYq0h7OrbaRGtLYzZYMVK4WzjBiR-OXfjnJAJfrWSLRfM-fFHp8tbmVLLHbXlBsG4IzfZ-OpDu9dlOXYbG7ykKKos2w_TAHsyNB64hpW3srrCGCCs_EC66583EjsN9XlcS8TigGSN3NkK4kKYljCDCiAcaysQEnJXf7lzKRd3J60ACJR6tmx6nXTAorZitQyiMoMYWeSGtxmZVOzCTKeOJAeKyJZMxHBKsOeVIDjMrK8-Lp7sIMMvMaNkHCq9048Yxkdkh9neMFXPcMmq1MWylki58w&sai=AMfl-YSqHhfQU-z49R7rDmes7lOPG7t8ek3L3XsaIG0AMGXYKLcPnxUNSp0Ag2GXXVvPucJgei5n3EOy3YGQbkh640AQDcAxQhjoxQM8_EDd6qE2zBVQLxygR8JkEtWUtQ&sig=Cg0ArKJSzMGjWckPdhR9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame D8A8 16 KB
16 KB 226ms
226ms Font
application/font-woff2 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Origin: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
x-openstack-request-id: tx218ac623dfe14163bbaf1-0065a9fda5
last-modified: Tue, 25 Jun 2019 17:36:47 GMT
x-thanos: 0AB24047
etag: 365c53275ca5dad1584b7e0bd3a46c1e
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484206.27623
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16172
x-trans-id: tx218ac623dfe14163bbaf1-0065a9fda5
x-request-id: 0df167be-fa50-4820-8a15-09a5511e0104

GET
H2 200 regular.woff2
s3.glbimg.com/cdn/fonts/proximanova/ Frame D8A8 20 KB
21 KB 241ms
241ms Font
application/font-woff2 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/proximanova/regular.woff2
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Origin: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
x-openstack-request-id: tx1dc7e384bd97460791b2f-0065a9fda5
last-modified: Tue, 25 Jun 2019 17:42:57 GMT
x-thanos: 0AB24047
etag: a28c6bf751afd0731507d904609fe5da
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484576.57450
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20904
x-trans-id: tx1dc7e384bd97460791b2f-0065a9fda5
x-request-id: 4cf59eba-b581-4b8e-856e-6fd76b000b9d

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D8A8 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstctr32_CCFJ7Vxg6lJ959fwhVAYByAQ1Rf2q8ATWU11p7OKfilrFXpDDf0cojJ86462eJ76Me1SptRaYP-mTm4yIQryQVx-8uyjVypv-Rk-k6eStUcLGGoD1ZoQM7TnilerQhd15ghBdcU0epxVytq0_28Y8HUfgAafmcrWz3O84CwBkcUQP-sX6tpl6ZXwIAOg1sereArbPELg1bjumUeIuBwlMhvbnm6UEQ8jQ7ey1fOoW5hw2tA4J-yYEAgNTbrJDoiJP_Dwbh7b9F4Fhe7T05pTeMDcdKTxTTxAcvZ8WGqW5UKkFqjWsCU34eBBTtaguciueN5kWufOwTnoTByT4tWqQw4-lJDkw21iEPuneCg&sai=AMfl-YR10ibpBgdZbNfnkrEo4lVBYzh8F8TuvNZtyvOGxvRn0_tBljq5SSQ5nWvuY2lw6kDQZEQONhhKraS0P38YvLJvQpfCWc2lZT9EnVk6bByoM7no3Cp8ZpV1VPBKzw&sig=Cg0ArKJSzGHYlJlOL3NYEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Jan 2024 04:42:15 GMT

GET
H2 200 experiences Show response
flowcards.mrf.io/json/ 1 KB
785 B 209ms
158ms Fetch
application/json 2606:4700:3033::ac43:9fa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flowcards.mrf.io/json/experiences?url=https%3A%2F%2Frevistagalileu.globo.com%2F&clid=22107d1f-695a-4072-8d90-793332ee9760&fvst=1705639335&geo=__INJECT_GEO__&ptch=0&pgv=1&sdu=0&sid=1464&useg=&utyp=0
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d994d5bf3c7ddcc8a233638164c7fb7c870c8ebad29096534c2fd9747fd18f41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
cf-cache-status: BYPASS
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
x-envoy-upstream-service-time: 98
accept-ranges: bytes
cf-ray: 847c68fa3cd9637f-LHR
alt-svc: h3=":443"; ma=86400
content-length: 566

GET
DATA 200
OK truncated
/ Frame D8A8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a7dc1824d6328b8e203ac0aab008da84dae5b9a8627f185b57a2296d22b03a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 4 KB
2 KB 219ms
218ms Script
application/javascript 34.151.224.123
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/7.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 123.224.151.34.bc.googleusercontent.com
Software: /
Resource Hash: 5526de640b8a955cded2558243e36af335e7b0722c9ff1cc091d329b12a6eebd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-location-rule: static - tiny.js
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
x-openstack-request-id: tx7cec5a39c3e84d7f95db6-0065a29ff0
x-cache-status: HIT
supportspointer: true
x-trans-id: tx7cec5a39c3e84d7f95db6-0065a29ff0
x-request-id: 0fcae30779c19634165a9ae59390f372
last-modified: Tue, 09 Jan 2024 14:24:36 GMT
vary: Accept-Encoding, Origin
x-served-from: infoglobo-router-gcp
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-timestamp: 1704810275.51458
cache-control: max-age=600
charset: utf-8
expires: Sat, 13 Jan 2024 14:46:34 GMT

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 586 B
424 B 154ms
130ms XHR
application/json 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=VnaP3rYVKc

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ccab95ecf9ecc9b0ada62ac43ed8957f2086b25e1bda5390c5903d70b962c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Mgqrh7sqt3b
pragma: no-cache
wn: prod-dash-10-0-117-62
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.013
cache-control: no-cache, no-store, must-revalidate
cf-ray: 847c68fa1deb8fd7-FRA
expires: 0

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame A4B0 10 KB
3 KB 133ms
128ms Document
text/html 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTBOB9H431PH&templateVariantId=OTVNV8G9XH89V&offerId=fakeOfferId&experienceId=EX4DCSDEWA90&iframeId=offer_8cbe9f57be49d75e60e4-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979681d00053ab9a0d0b5640e07c4a8726503a93268bb52ff5ac93632c21954

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=900
cf-cache-status: MISS
cf-ray: 847c68f9fb544d2b-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 19 Jan 2024 04:42:16 GMT
expires: Fri, 19 Jan 2024 04:57:16 GMT
last-modified: Fri, 19 Jan 2024 04:42:16 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server: cloudflare
server-time: 0.008
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-118-185
x-forwarded-https: on
x-request-id: Mgqrh7sJjJ4
x-xss-protection: 0

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 586 B
663 B 140ms
119ms XHR
application/json 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=VnaP3rYVKc

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfb595fa9d59e407042401409891ee96ff3ff6b8c557e3f6a0e09165d8933b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Mgqrh7sRfPm
pragma: no-cache
wn: prod-dash-10-0-86-169
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.004
cache-control: no-cache, no-store, must-revalidate
cf-ray: 847c68fa1dea8fd7-FRA
expires: 0

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 146A 8 KB
3 KB 122ms
119ms Document
text/html 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTV5TSU2XMXLV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_e1e11d4a5d4b696aa15e-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d274cbcb1adfdd47aee13a07b199c9693bedb24c0f88452a05e47c7736aa707

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=900
cf-cache-status: MISS
cf-ray: 847c68f9fb534d2b-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 19 Jan 2024 04:42:16 GMT
expires: Fri, 19 Jan 2024 04:57:16 GMT
last-modified: Fri, 19 Jan 2024 04:42:16 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server: cloudflare
server-time: 0.001
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-92-29
x-forwarded-https: on
x-request-id: Mgqrh7sFWWy
x-xss-protection: 0

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 586 B
426 B 139ms
120ms XHR
application/json 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=VnaP3rYVKc

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a8634d16ccd09a64b87a4e1302485cc6e50baf61e9907c669395e664e2c70d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Mgqrh7sZjyo
pragma: no-cache
wn: prod-dash-10-0-118-185
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.005
cache-control: no-cache, no-store, must-revalidate
cf-ray: 847c68fa0de78fd7-FRA
expires: 0

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame B39A 8 KB
3 KB 396ms
395ms Document
text/html 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVY9LH1NCBIW&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_102b08c3603161dd7118-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

485e152aac28b0615911c4ed670fd99bc1be4fa7f306c9c26732ce6f7a65395a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=900
cf-cache-status: MISS
cf-ray: 847c68f9fb554d2b-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 19 Jan 2024 04:42:16 GMT
expires: Fri, 19 Jan 2024 04:57:16 GMT
last-modified: Fri, 19 Jan 2024 04:42:16 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server: cloudflare
server-time: 0.001
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-92-29
x-forwarded-https: on
x-request-id: Mgqrh7sHtKK
x-xss-protection: 0

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 112 KB
37 KB 12ms
12ms Script
application/x-javascript 2a02:26f0:480:ba2::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:ba2::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d6532503517dc33a226156c4beecefadd88096a0af5d9d3ba3c082f2601f157

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:42:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2024 12:20:42 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37289
Expires: Fri, 19 Jan 2024 05:42:16 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 73 B
314 B 15ms
14ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

11375ca575ab8a7a1dc2199c55b58cbbb261877748897ea459d606b7e5530afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:15 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1114072
expires: 60

GET
H3 200 e87054ded32ae473684f.js Show response
sdk.mrf.io/statics/ 51 KB
13 KB 118ms
117ms Script
application/javascript 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/e87054ded32ae473684f.js
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=880
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29de72896b6c83b67a67bbbdd8b125541784c50c892aea043f3e7409c7899dbc

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
via: 1.1 c50e6c45c49371a5ebc690255500593c.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: LHR61-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Jan 2024 10:49:59 GMT
server: cloudflare
etag: W/"6d29da5f1031a7a6d4650f8d8b71306d"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 847c68fa2fe44d61-FRA
x-amz-cf-id: j87TA3B_b15vVB426FgR9tYefZuAYDUV68xuWcBOOFLF3cY9BjTBcQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0E66 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg8oACxeDmpIVQCCzzCTI-vKQCSbh8wk_YYN9h3XaRpVkKOZjK4amAcc_7RIBztqS2E8O02UIH2CR5C_dXAeIM4TJtr0z7D0DWM5qIBVLLvYvQWjexaoh2hbmk1doxdPFPe69LrW52VfLLjkO2mvgJQxddUr5dATd296xlxOnZYn8HM-yoXUm2Iq0lzU9FDs9hkL1H_bMX89XfYSYLeOciajik_MdoUKUJM4WUgHyow8z4LfxB0GIJDp0E4OokEn2Yl4BssODls-zpXb7NNxz3zGbcnD5CC2GLr10REzQMImHUnLNQD2GFvhupKEsnGxT-AXNwyTRK9UY_uGuGIDnlRYpsAh-ztIayftlvgio&sai=AMfl-YRtbaps_AvviEfeS1oeHJfc_ivEP8NF_hT9hZNvbk2Z52OJfGRN1uXU7owxZR_ALZmBT12Hw-x-LnUDMhesIfUVC2KnXSaD_Vr4-OK523-WNO0SrnoW8a-wAWSo1g&sig=Cg0ArKJSzFaXGCgKZdibEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Jan 2024 04:42:16 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
202 B 24ms
23ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=5466280614&lsavail=1&bundle=mXihpV9yT1dJWmdPVUZNRTR4NElINUV5dGJ6MG9veFpQVXpIMVRqTzFmV3o3Q0FOcmc1RXB4cUs0NURIWU9zNHBnWWR2YUplRlpYRDBPa1oxc2h6ZHBnUWV3czZWRmZtbiUyQkdZZkJNUWJzQzhPb0syZ294dlFwdWtHWUVDR3pkVXhxMktnOE9qeGlhREJPcTJOenhRYjNidTV6ZyUzRCUzRA

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://revistagalileu.globo.com
date: Fri, 19 Jan 2024 04:42:15 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
65 B 504ms
504ms Fetch
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
574 B 97ms
97ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 Lille, France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 486 B
543 B 103ms
103ms Fetch
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=266816&zone_id=1321690&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=1bfa429a-53ce-4032-b503-46e38d865d1f%5E1&rf=https%3A%2F%2Frevistagalileu.globo.com%2F&tg_i.domain=revistagalileu.globo.com&tg_i.page=https%3A%2F%2Frevistagalileu.globo.com%2F&tg_i.adunit=85042905_edgalileu%2Fhome&tg_i.aupname=%2F85042905.*%26.*super.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fedgalileu%2Fhome%23pub-super-4&tk_flint=dmpbjs_v8.23.0&x_source.tid=d54a3f91-4c05-45ec-b116-c1a9949be095&l_pb_bid_id=44bcab3c58d68e2&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b303bce2-8ea6-47e7-80e3-5e2781e5cab6&rp_maxbids=1&p_gpid=%2F85042905%2Fedgalileu%2Fhome%23pub-super-4&slots=1&rand=0.6743818265594275
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7bc6a0e434e8739d5aade13e92ea5cd4b06d0f7a03fa4c56d9cdfb117dcdb350

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 486
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 / Show response
usergate.globo.com/ 44 B
324 B 851ms
218ms Fetch
text/plain 35.198.44.170
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://usergate.globo.com/
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 170.44.198.35.bc.googleusercontent.com
Software: /
Resource Hash: 2af921f96b618475ba87948891bf844483be715971a4d4b69c4b596afd6c1691

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
980 B 50ms
49ms Fetch
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c427399ea474cc67e9d961d717bb63e64bce4d85db8646953e505c768d9723c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 955
x-xss-protection: 0
expires: Fri, 19 Jan 2024 04:42:16 GMT

GET
H2 200 tm46169.js Show response
tag.navdmp.com/ 12 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm46169.js
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a798741ab5d1da30eb26d38311b6249de94034ccc610268901ef633098ad3e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:45:04 GMT
server: cloudflare
age: 1744
etag: W/"6137b330-2e58"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 847c68fa58a830d6-FRA
expires: Fri, 19 Jan 2024 05:13:12 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
287 B 491ms
483ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0&wni=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18cca46c1672de22ec6b3da0b7a9b5a5fe07bb5b88107873fd52905a0e0a462a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: public
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 847c68fab8d830d6-FRA
expires: Fri, 19 Jan 2024 05:42:16 GMT

GET
H2 200 selected-alternatives Show response
globo-ab.globo.com/v2/ 328 B
841 B 861ms
219ms Fetch
application/json 34.95.229.88
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://globo-ab.globo.com/v2/selected-alternatives?experiments=player-isolated-experiment-02&skipImpressions=true

Requested by

Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.229.88 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

88.229.95.34.bc.googleusercontent.com

Software

Resource Hash

e8a5db64eeb55b75f6034451f736657b3794d57915b11336b19d5772ad182c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=300; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
trace-id: b9c6706fe94eedb4
access-control-allow-headers: user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
238 B 480ms
480ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=46169&upd=1&new=1&wst=0&wct=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm46169.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0fbc469229736bf6ec6519988f225c8bc4399749bd4660f673ee0c6180c47c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: public
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 847c68fb692130d6-FRA
expires: Fri, 19 Jan 2024 05:42:16 GMT

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 146A 126 KB
78 KB 39ms
25ms Stylesheet
text/css 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTV5TSU2XMXLV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_e1e11d4a5d4b696aa15e-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d223768c8c211c108349645cb062a9dcdb5456e9abc8c6a36eb06366db6fbd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTV5TSU2XMXLV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_e1e11d4a5d4b696aa15e-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 5907
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Dec 2023 16:16:48 GMT
wn: prod-dash-10-0-92-102
server: cloudflare
etag: W/"128533-1702570608000"
vary: Accept-Encoding
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 847c68fadc7a4d2b-FRA
expires: Fri, 19 Jan 2024 06:42:16 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 146A 95 KB
30 KB 54ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1822062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30360
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4hYw1%2FXd702vhFWVdqR0WZf3wtQ4VY7qhPzYaPIIa%2F0%2BkGXuUbTY4JcBYlz7pUrknE6ufPKPNcwCWcmzrXVpLv26R%2Fwv3m%2FlsWeEgNJb8VnsMhosawkcZyutt9gnWObP5D3yFwnOiNFiPTtoNz1it9n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faebb968f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 146A 10 KB
4 KB 52ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3577882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3550
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egZ00YED0yJeJyAqw8g5GQXPZ3umLJHIdwoNqH3WF0yxV0Fvwhew8oU1DYy3tvu4dSmiRTox5gcq2yRWMpCO27n5GkgPTZ%2FrsAmUunt%2BgWx94cIIjyb9rO5P2OQBCV5OKlHDvLFUyfBY7icHXYye%2F9rz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faebb668f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 146A 104 KB
35 KB 53ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6127341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35086
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-1a191"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5oJPsLW%2FlTadf16YUZxKFuILaQXjHd69LfXWTzqNuoodLFQoftxMMoB87P4W198gDegy5K2ek6j7icAKinx35n2gZK0uq62p5neuFR3%2BGa1bbUqR5BAw2xvnVrGO%2FG0I6m4y80opgbn2JDWX46S5%2Fo%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faebb568f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-animate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 146A 11 KB
4 KB 54ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3579920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3978
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-2bd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuPZwlY0d0GQioKuRxuyONHSjdHuTixwg4DAULo%2BaFZ9OppWWrnfhzO%2B2wisfxVNY%2BLSI1foMbK7T7YD%2B0I1HkKI2KlH%2BkfHroh3HwgrCXZCctOhgZsO9dzS7yFpW8vim9d%2FSAhc1e5KNoPwuxPHz2N6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faebba68f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 146A 825 B
729 B 53ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3061477
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 434
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4MxmOV5BBnKaZNoDYGaGquvhP3%2FH6vqVHmWyPXgwHA3d6AeAMDRy%2BE3JXzCjwI%2FcIry200N6TeG1ZnfxGexcUuarEod6eKfaNTdo8jaoAb5SPDTOeRSIKNQ%2FNG8NPb5JEw295lWcq13j3j9pNXeX7RY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faebb468f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 146A 4 KB
3 KB 32ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4237685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2171
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbE6EsDz9I6wQHWVFUEBAnIvc6s4h03UpX4c2CrhfLCaBoerB0c3uKMT9RI0%2Btb3%2BF6GpVxf8mbuyOONAc01gbjCCmiUigodO6RmltiAu3R9eMIP8xwnz4sxLgybbzuRIdKk6IO42Dcej4Yr73KXDCC3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faeb9e68f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 146A 3 KB
1 KB 33ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 24271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 953
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUPmTmMGUtgbFDZh235YKDGvSrKtQFmcMkaOMf4K7%2FRMZET%2Bw%2BbI%2FCWbYXl3%2BLaq5f%2FdALKTi%2FxWODB2l5XeYCldJX9xTIRipf2LQkK5lpcN%2FRJobisjLI3XpWaYakfKN%2Bh2tD7tPT0QUx1QQXstl1pz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faeba168f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 146A 23 KB
8 KB 44ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6220555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7490
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ng45JkNwMuZ6hruXZ9f8UAjC9yJEydnWSXu3v4NkaQfSbDwP6B%2BZa4oPM%2BjtJvzkirR3kRYgnc7cm3uUg9gnhn27lOrh3NyYlnEu8xHyJoubwZvBflODlAT53OzdPg5uVHa2L4h7XL6Uf8ud4O3H8tW5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faeba368f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 146A 2 KB
1 KB 34ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5961324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 910
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-93c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RHxDdeD%2B5CjcxB8UINu1g17mc3L8GU1CMIrf%2BKwQHALTtbrETPVkXshE6bEPC4%2BVYxeyx3Dxvkq%2F0PSBAnMVGjStsJosIrVZH0lsBIOz4VYjGz9Hyu2IljJzmLHgz0aEs4fHdXd0dK4Vm6MAESSyBfq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faeba468f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 146A 20 KB
7 KB 42ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5993060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6934
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kMPgHvCDILR0rJ%2FM9ycSFjuaUeAbjadoCIuD2db%2FKEw6o5ifCgug4j66oF51g9%2B%2FrbRM%2BOmHl4C3Zze4pbtyUIEEBwd3c5%2B8uneinRjW1pdSfPolvIpAfWfmZGIQzpT3c62dNG1p3RH%2Bv7ZhPxddI7n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faeba668f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame 146A 33 KB
6 KB 130ms
117ms Script
application/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=VnaP3rYVKc&version=1568388702000&language=en_US

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTV5TSU2XMXLV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_e1e11d4a5d4b696aa15e-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Mgqrh7sNlZN
pragma
wn: prod-dash-10-0-92-29
server: cloudflare
vary: accept-encoding
content-type: application/javascript;charset=UTF-8
server-time: 0.002
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 847c68fadc7f4d2b-FRA
expires: Fri, 19 Jan 2024 23:42:16 EST

GET
H2 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 146A 67 KB
12 KB 68ms
56ms Script
application/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.91.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTV5TSU2XMXLV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_e1e11d4a5d4b696aa15e-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 77915
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Jan 2024 14:15:10 GMT
wn: prod-dash-10-0-92-102
server: cloudflare
etag: W/"68959-1705500910000"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 847c68fadc804d2b-FRA
expires: Sat, 20 Jan 2024 04:42:16 GMT

GET
H2 200 H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 146A 121 KB
38 KB 69ms
57ms Script
text/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.91.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTV5TSU2XMXLV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_e1e11d4a5d4b696aa15e-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 2280
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Jan 2024 14:36:50 GMT
wn: prod-dash-10-0-87-246
server: cloudflare
optimized-by: _sam
vary: Accept-Encoding
content-type: text/javascript
server-time: 0.000
cache-control: public, max-age=602520
cf-ray: 847c68fadc814d2b-FRA
expires: Fri, 26 Jan 2024 04:04:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 146A 3 KB
748 B 37ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

216c8994eeb343b3588f234794df0cca8958d6c72b01b510b4156bc2d03a3840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 04:19:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 04:42:16 GMT

GET
H2 404 style.css
buy.tinypass.com/checkout/template/ Frame 146A 0
0 411ms
399ms Stylesheet
text/html 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTV5TSU2XMXLV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_e1e11d4a5d4b696aa15e-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
vary: accept-encoding
content-type: text/html
cache-control: public, max-age=1200
cf-ray: 847c68fadc7b4d2b-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 19 Jan 2024 05:02:16 GMT

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame A4B0 126 KB
78 KB 53ms
42ms Stylesheet
text/css 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTBOB9H431PH&templateVariantId=OTVNV8G9XH89V&offerId=fakeOfferId&experienceId=EX4DCSDEWA90&iframeId=offer_8cbe9f57be49d75e60e4-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d223768c8c211c108349645cb062a9dcdb5456e9abc8c6a36eb06366db6fbd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTBOB9H431PH&templateVariantId=OTVNV8G9XH89V&offerId=fakeOfferId&experienceId=EX4DCSDEWA90&iframeId=offer_8cbe9f57be49d75e60e4-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 5907
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Dec 2023 16:16:48 GMT
wn: prod-dash-10-0-92-102
server: cloudflare
etag: W/"128533-1702570608000"
vary: Accept-Encoding
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 847c68fadc7c4d2b-FRA
expires: Fri, 19 Jan 2024 06:42:16 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame A4B0 95 KB
30 KB 34ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1822062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30360
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyJAHoIxoERXZQITBCXMEa6Q48CjQeH44FRMhGeUStoTdTI3piY4io3zfInBWtjBpjmUbKyqW6ag2PZCYmNUWoscXc3niW390nOgE2AyhxiQCU%2FXlzYqgefCHZxgbT%2FmXHTIFcV05QnL2jTpQ3Y5I96k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faeba768f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame A4B0 10 KB
4 KB 33ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3577882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3550
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GibX4%2BOE22pjS1sOVsbOBI3DzpaoKXdMlVHlsOfIw9cL%2BcelUCqy69y6hZBZAMizRuyRP23GXHRWKKuNZP4p5CAd1xPMHshw2TYFZXf3MiZvQWXJcTFRTzkonSD%2B40RQjwit%2F8eSkW3VaPlC6pZXfhVk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faeba868f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame A4B0 104 KB
35 KB 44ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6127341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35086
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-1a191"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeaVAEFFaxfQBgBtb04GMJu1%2BcI%2BMRSxPjyinZSjM3axil1nd2uWoGibpW3FnKMn8P4%2FOl%2BYv70u0Q48HPyIfs%2BZC0qGVQI9q3XiBRe66xBs1d%2FTvp%2B%2FyCxYnusvRu%2Fo0JdAHqlVUA0zCtd3fjy9PTCY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faebad68f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-animate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame A4B0 11 KB
4 KB 50ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3579920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3978
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-2bd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haUWRgC8hr%2FaSyi0W7iy1vRjFFHqc1ebc%2BGNW%2FTTqXYDDygFGIht%2FHvLGpQLJqsqojTeMjWet6Q87qI9GbT%2Bn4ml%2FsBhUIC2pqrly0AEmgOjsellFBBForEfuejGYoJ4jpX3y7Hbsa%2BO73vhjjpAGuaX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faebac68f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame A4B0 825 B
781 B 42ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3061477
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 434
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvk10cfKvoX9%2FDz%2BBHr3yqxu7zBhAIqY58%2BN1oiOQp8%2FukJz84hTD6aTm1DU1GFZDmSTl1YO89WqPvNZf4E23oZGtOllt%2B44IiMrJnsJzR9HM656w7BL%2BO%2BLTOePGy%2FX87gUhzG3sKB1XRMLMRNYVV0E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faebab68f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame A4B0 4 KB
2 KB 32ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4237685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2171
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBXIdjja%2F4sQp1rDo6x3umN3sAYyU%2FXYSnfCRHXU1oJ3COrFrWjPo1DDqiN1UwJSPCb4AVzJ2EklSMxAaXuYOi2N7%2BNXziTPqyLhy9FxaXqxy54JzsKPEnbD6Ebj6hXIByX%2Bs7A6Uiib1L7USkrPNCyl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faebaa68f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame A4B0 3 KB
1 KB 50ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 24271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 953
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29J7ZxS551ZSG7GhBEIintncYjP52lyRCllvlcqTSmKT%2B7TCASMaymKtI3AnQfqPEY2XqBLRCn1pFugRdwj2D9xzbOfUbFXwxhVpt%2FVcSZ4wL97qisRH9xI6eKaDOwlQ0dmmvztmD1KBU%2F5R37o8pyIo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faebb368f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame A4B0 23 KB
8 KB 43ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6220555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7490
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rz%2Fw9%2FQaSO1BrW%2FKhPWFtyTwUMfmtQH6Sa41ig357eJvkIXJmRcdKic31%2FhyliS9%2FQCZgdnbUxqD3EeB%2FB3lk5TWHrCxP8aUvG2yBuBLC5XkiHpx5kuO4ky6nf4fvCWnudctk44D%2BFMVHUGHEF%2Bf5qxw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faebb168f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame A4B0 2 KB
1 KB 50ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5961324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 910
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-93c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ji%2BpNG85%2BaWEIBIWJ8tLL%2FWs2HAX2wZTWfzUG3j%2B%2FJZUgJ1yTX8D2Q2eA6eO0oG9vwxnwl5q2pLPkXtKb2rRBjzNJOww97NbEXQoCNa6ruTIrhhUFd9l%2Bygd%2FJDcGJFz%2BMOqO5Z83GwbRUhWfefTracR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faebb068f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame A4B0 20 KB
7 KB 49ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5993060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6934
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwNFDhMDYmrAnLr2upbWqyR1v9as%2BhAx0p3rj5rC1zg4pHW49Xq3DIqYVJu6od0mbYPWAwUjH0FQSIzQ9mVdVayCmyeFJfqchSBxmQy5%2BLDkoyNqzb4bjgz91uUZYnvRiiccr30bMr%2BIjrjFj%2B%2ByKeXH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68faebaf68f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame A4B0 33 KB
6 KB 128ms
118ms Script
application/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=VnaP3rYVKc&version=1568388702000&language=en_US

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTBOB9H431PH&templateVariantId=OTVNV8G9XH89V&offerId=fakeOfferId&experienceId=EX4DCSDEWA90&iframeId=offer_8cbe9f57be49d75e60e4-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Mgqrh7sASfy
pragma
wn: prod-dash-10-0-117-62
server: cloudflare
vary: accept-encoding
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 847c68fadc824d2b-FRA
expires: Fri, 19 Jan 2024 23:42:16 EST

GET
H2 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame A4B0 67 KB
13 KB 47ms
37ms Script
application/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.91.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTBOB9H431PH&templateVariantId=OTVNV8G9XH89V&offerId=fakeOfferId&experienceId=EX4DCSDEWA90&iframeId=offer_8cbe9f57be49d75e60e4-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 77915
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Jan 2024 14:15:10 GMT
wn: prod-dash-10-0-92-102
server: cloudflare
etag: W/"68959-1705500910000"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 847c68fadc834d2b-FRA
expires: Sat, 20 Jan 2024 04:42:16 GMT

GET
H2 200 H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame A4B0 121 KB
38 KB 63ms
54ms Script
text/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.91.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTBOB9H431PH&templateVariantId=OTVNV8G9XH89V&offerId=fakeOfferId&experienceId=EX4DCSDEWA90&iframeId=offer_8cbe9f57be49d75e60e4-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 2280
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Jan 2024 14:36:50 GMT
wn: prod-dash-10-0-87-246
server: cloudflare
optimized-by: _sam
vary: Accept-Encoding
content-type: text/javascript
server-time: 0.000
cache-control: public, max-age=602520
cf-ray: 847c68fadc844d2b-FRA
expires: Fri, 26 Jan 2024 04:04:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame A4B0 23 KB
2 KB 35ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

223e97d3bb390ff95ac0ad68e06b3daf0eedc98943c49f54a3a262dc50f53280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 04:27:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 04:42:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame A4B0 1 KB
522 B 45ms
35ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2e27abb6b7eb21d99d37021c1100f2c6fdbc12eff318e61392211381bcf95af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 04:40:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 04:42:16 GMT

GET
H2 404 style.css
buy.tinypass.com/ Frame A4B0 0
0 33ms
23ms Stylesheet
text/html 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTBOB9H431PH&templateVariantId=OTVNV8G9XH89V&offerId=fakeOfferId&experienceId=EX4DCSDEWA90&iframeId=offer_8cbe9f57be49d75e60e4-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 104
vary: accept-encoding
content-type: text/html
cache-control: public, max-age=1200
cf-ray: 847c68fadc7d4d2b-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 19 Jan 2024 05:02:16 GMT

GET
H2 200 close.png
s3.glbimg.com/v1/AUTH_3426e47ed6784b729ddc152696060e4c/Barreiras/ Frame A4B0 210 B
559 B 233ms
224ms Image
image/png 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_3426e47ed6784b729ddc152696060e4c/Barreiras/close.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTBOB9H431PH&templateVariantId=OTVNV8G9XH89V&offerId=fakeOfferId&experienceId=EX4DCSDEWA90&iframeId=offer_8cbe9f57be49d75e60e4-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 1d00ab80903ea23ebb7a0ba54d171d39a76c6adf2f2710d454e9a33a8456e1f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
x-openstack-request-id: txe4c25025177446a18b1a2-0065a9fd4d
last-modified: Mon, 13 Sep 2021 17:14:07 GMT
x-thanos: 0AB54006
etag: f4b34f13635462633664e34911bd1fce
vary: Accept-Encoding, Origin
content-type: image/png
x-timestamp: 1631553246.32720
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 210
x-trans-id: txe4c25025177446a18b1a2-0065a9fd4d
x-request-id: 7d7a5cb0-18c8-4fac-b77c-6c2a7f61fa73

GET
H2 200 gc-naobarreira-desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/galileu/ Frame A4B0 34 KB
34 KB 259ms
250ms Image
image/gif 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/galileu/gc-naobarreira-desk.gif
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTBOB9H431PH&templateVariantId=OTVNV8G9XH89V&offerId=fakeOfferId&experienceId=EX4DCSDEWA90&iframeId=offer_8cbe9f57be49d75e60e4-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 355312015b3a2297e4a30ae21402e963a545f5bf1ed1078563c24e59ba6f9080

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
x-openstack-request-id: tx2d02b3fe382d4f2aa037e-0065a9fda8
last-modified: Wed, 01 Mar 2023 13:20:39 GMT
x-thanos: 0AB54006
etag: 1db1fce01f79cffdf5625b26d430defa
vary: Accept-Encoding, Origin
content-type: image/gif
x-timestamp: 1677676838.03608
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 34668
x-trans-id: tx2d02b3fe382d4f2aa037e-0065a9fda8
x-request-id: 0bae9c6a-e874-4d9f-bd8c-2f399e558cd6

GET
H2 200 gc-naobarreira-mob.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/galileu/ Frame A4B0 18 KB
18 KB 247ms
246ms Image
image/gif 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/galileu/gc-naobarreira-mob.gif
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTBOB9H431PH&templateVariantId=OTVNV8G9XH89V&offerId=fakeOfferId&experienceId=EX4DCSDEWA90&iframeId=offer_8cbe9f57be49d75e60e4-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 630287c96a4053ce59fa2a4e86ec61cfccd5cb020092945999842e9bb6d86a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
x-openstack-request-id: txa6415db37bf248d282131-0065a9fda8
last-modified: Wed, 01 Mar 2023 13:20:39 GMT
x-thanos: 0AB54006
etag: a4fb7cb50cc940f974f6151ee88f2971
vary: Accept-Encoding, Origin
content-type: image/gif
x-timestamp: 1677676838.03834
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 17956
x-trans-id: txa6415db37bf248d282131-0065a9fda8
x-request-id: 5f179d18-0cb7-438b-83a5-1356cf63b509

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
14 KB 235ms
235ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501753496430904&correlator=4177026606440794&eid=31079956%2C31080257%2C31079724&output=ldjh&gdfp_req=1&vrg=202401110101&ptt=17&impl=fif&iu_parts=85042905%2Cedgalileu%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C1190x250%7C970x150&ifi=6&didk=557148460&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&abxe=1&dt=1705639336141&lmt=1705639336&adxs=200&adys=2081&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Frevistagalileu.globo.com%2F&vis=1&psz=1200x0&msz=1200x0&fws=4&ohw=1200&psts=AOrYGsljxsWtZ2Q4TT-UZDZzyou1RSUjyJYU5ZB1px2C9pqu4VoWleVtWB3QsX0wxyr61-EFu4QGSY8u1YUj_xxpsBck4A%2CAOrYGsmJbfuqmsHyUY-I_NNtJ7tZFmqV5HJpIP8SGyZMFYtWM2U4U8RL8a-yPV3rZjDU3yV6SY-a-Rx4qblL8mcoZFOMxg%2CAOrYGsmef5QbN71s_cC3-9v5opS8YOHiHonFcydxQtUNBa4Xob1ndh22DoJCWtcmbQdhQtBPzDr48sVHFMAw9MmBNUgjSw%2CAOrYGsmSxrxP4IuTiDDD9JB5drAlIKo5_jwmf60jbHoPcM5jHWl8EzerHrTJEBc2_uxmGzRBTrAbDNXmt2OyMbHhxxzf1Q&ga_vid=2089446785.1705639333&ga_sid=1705639333&ga_hid=810549604&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_JmbgNIxSABSAghkEjsKCnB1YmNpZC5vcmcSJDFiZmE0MjlhLTUzY2UtNDAzMi1iNTAzLTQ2ZTM4ZDg2NWQxZhifmpuA0jFIABIdCg5lc3AuY3JpdGVvLmNvbRj8mZuA0jFIAFICCGQSwgEKCHJ0YmhvdXNlEqwBRGR0MFJwVDJ5NVYwa1NBWG9zOTVjQytFbkptSkNiZ0NOZ2kydy9VQ012N3ZnVHhoZEJLam9PNmZXNUkrbDMvWnFzWlQzQ1BGM29jYXByVU42U2owVWtxWUJQRFBEMzhOREdSTlZpWWhxRTlydE83UGpQSWJMYkNnV0FQd2w3WFBPYjd1Sm9OSmJQZGw1RW9PRklRbDZuZmdmWEdXN1RZaXFTRVVGN3RjQVpjPRjlrZuA0jFIABIZCgp1aWRhcGkuY29tGPyZm4DSMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2liamR1UTFSa2MzSlJNMlV3WTJRNWMwRkhNakpYZHowOUluMD0Yra6bgNIxSAASGwoMaWQ1LXN5bmMuY29tGJ6rm4DSMUgAUgIIag..&cbidsp=CqwBCAESFQoGY3JpdGVvEIYBIAJSBmNyaXRlbxIXCgdzZWVkdGFnELQCIAJSB3NlZWR0YWcSFwoHcnViaWNvbhD6ASACUgdydWJpY29uEiMKDXNtYXJ0YWRzZXJ2ZXIQgwMgAlINc21hcnRhZHNlcnZlchgCIiQyYjc1ODAxYS0xYzc4LTRiOTAtOTcwZC03MWZlZDk3N2QzNDQqBAgDIAAyB3Y4LjIzLjBArBtKAA..&dlt=1705639330513&idt=1252&prev_scp=Editora.pos%3DBottom%26rc%3Dpub-super-3_0&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D5%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1705639332142%26prmtvvid%3D%26prmtvwid%3D&adks=3799694310&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d28775118345b5cfc54dd79b1078e55dffd99c5d1fe20c6b843047334ea5f66e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14746
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 2429 456 B
659 B 15ms
15ms Document
text/html 2a02:26f0:480:ba2::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:ba2::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 289
Content-Type: text/html
Date: Fri, 19 Jan 2024 04:42:16 GMT
Expires: Mon, 29 Jan 2024 04:42:16 GMT
Last-Modified: Thu, 30 Nov 2023 11:55:50 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 68ms
34ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/e87054ded32ae473684f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9ab167fb4bf6ab63b9f20538f2a3ed1d5668ee7eef1ad6f0cda7441d752b5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 19 Jan 2024 04:42:16 GMT

POST
H3 200 bid Show response
s.seedtag.com/c/hb/ 11 B
29 B 243ms
233ms Fetch
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
202 B 30ms
14ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=76494409522&lsavail=1&bundle=mXihpV9yT1dJWmdPVUZNRTR4NElINUV5dGJ6MG9veFpQVXpIMVRqTzFmV3o3Q0FOcmc1RXB4cUs0NURIWU9zNHBnWWR2YUplRlpYRDBPa1oxc2h6ZHBnUWV3czZWRmZtbiUyQkdZZkJNUWJzQzhPb0syZ294dlFwdWtHWUVDR3pkVXhxMktnOE9qeGlhREJPcTJOenhRYjNidTV6ZyUzRCUzRA

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://revistagalileu.globo.com
date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
574 B 116ms
110ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 Lille, France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 486 B
520 B 150ms
133ms Fetch
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=266816&zone_id=1321690&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=1bfa429a-53ce-4032-b503-46e38d865d1f%5E1&rf=https%3A%2F%2Frevistagalileu.globo.com%2F&tg_i.domain=revistagalileu.globo.com&tg_i.page=https%3A%2F%2Frevistagalileu.globo.com%2F&tg_i.adunit=85042905_edgalileu%2Fhome&tg_i.aupname=%2F85042905.*%26.*super.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fedgalileu%2Fhome%23pub-super-5&tk_flint=dmpbjs_v8.23.0&x_source.tid=955976d8-8211-443a-a8e8-a18db6c830b9&l_pb_bid_id=52e903cc5c4e8f3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=03287a9f-e372-466f-82fd-194ec68fa62b&rp_maxbids=1&p_gpid=%2F85042905%2Fedgalileu%2Fhome%23pub-super-5&slots=1&rand=0.7892698610101938
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 86e2a020d71b02648dc9707e69113e6db16e3bdbdabc7f4a6652de659b177b51

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 486
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 2429 112 KB
37 KB 13ms
11ms Script
application/x-javascript 2a02:26f0:480:ba2::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:ba2::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cc6147e52ad7ec65a91af95923ede2c78311b5e77f515e15718b0f62646b943a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:42:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2024 12:20:42 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37289
Expires: Fri, 19 Jan 2024 05:42:16 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 387ms
387ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501753496430904&correlator=3630870744751550&eid=31079956%2C31080257%2C31079724&output=ldjh&gdfp_req=1&vrg=202401110101&ptt=17&impl=fif&iu_parts=85042905%2Cedgalileu%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=7&didk=2964956997&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&abxe=1&dt=1705639336199&lmt=1705639336&adxs=1000&adys=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Frevistagalileu.globo.com%2F&vis=1&psz=399x0&msz=399x0&fws=4&ohw=399&psts=AOrYGsljxsWtZ2Q4TT-UZDZzyou1RSUjyJYU5ZB1px2C9pqu4VoWleVtWB3QsX0wxyr61-EFu4QGSY8u1YUj_xxpsBck4A%2CAOrYGsmJbfuqmsHyUY-I_NNtJ7tZFmqV5HJpIP8SGyZMFYtWM2U4U8RL8a-yPV3rZjDU3yV6SY-a-Rx4qblL8mcoZFOMxg%2CAOrYGsmef5QbN71s_cC3-9v5opS8YOHiHonFcydxQtUNBa4Xob1ndh22DoJCWtcmbQdhQtBPzDr48sVHFMAw9MmBNUgjSw%2CAOrYGsmSxrxP4IuTiDDD9JB5drAlIKo5_jwmf60jbHoPcM5jHWl8EzerHrTJEBc2_uxmGzRBTrAbDNXmt2OyMbHhxxzf1Q&ga_vid=2089446785.1705639333&ga_sid=1705639333&ga_hid=810549604&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_JmbgNIxSABSAghkEjsKCnB1YmNpZC5vcmcSJDFiZmE0MjlhLTUzY2UtNDAzMi1iNTAzLTQ2ZTM4ZDg2NWQxZhifmpuA0jFIABIdCg5lc3AuY3JpdGVvLmNvbRj8mZuA0jFIAFICCGQSwgEKCHJ0YmhvdXNlEqwBRGR0MFJwVDJ5NVYwa1NBWG9zOTVjQytFbkptSkNiZ0NOZ2kydy9VQ012N3ZnVHhoZEJLam9PNmZXNUkrbDMvWnFzWlQzQ1BGM29jYXByVU42U2owVWtxWUJQRFBEMzhOREdSTlZpWWhxRTlydE83UGpQSWJMYkNnV0FQd2w3WFBPYjd1Sm9OSmJQZGw1RW9PRklRbDZuZmdmWEdXN1RZaXFTRVVGN3RjQVpjPRjlrZuA0jFIABIZCgp1aWRhcGkuY29tGPyZm4DSMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2liamR1UTFSa2MzSlJNMlV3WTJRNWMwRkhNakpYZHowOUluMD0Yra6bgNIxSAASGwoMaWQ1LXN5bmMuY29tGJ6rm4DSMUgAUgIIag..&cbidsp=CvkCCAESywEKCGFwcG5leHVzEJsCGq8BCg81NWJmZjdkYTAwYzZmZmIQzKIEGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX2Zvcm1hdCISaGJfYmlkZGVyX2FwcG5leHVzIhBoYl9hZGlkX2FwcG5leHVzIg5oYl9wYl9hcHBuZXh1cyIQaGJfc2l6ZV9hcHBuZXh1cyISaGJfZm9ybWF0X2FwcG5leHVzKAE6BgisAhD6ASABUghhcHBuZXh1cxIjCg1zbWFydGFkc2VydmVyEI0DIAJSDXNtYXJ0YWRzZXJ2ZXISFwoHc2VlZHRhZxCvAyACUgdzZWVkdGFnEhQKBmNyaXRlbxBrIAJSBmNyaXRlbxIXCgdydWJpY29uEN0BIAJSB3J1Ymljb24YAiIkNTZjNjZjYTUtNDEwNC00Y2I3LWE4MDMtZWM1MzU1ZjE1ZDEyKgQIAyAAMgd2OC4yMy4wQKwbSgA.&dlt=1705639330513&idt=1252&prev_scp=Editora.pos%3DTop%26rc%3Dpub-retangulo-1_0%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.06%26hb_adid_appnexus%3D55bff7da00c6ffb%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.06%26hb_adid%3D55bff7da00c6ffb%26hb_bidder%3Dappnexus&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D5%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1705639332142%26prmtvvid%3D%26prmtvwid%3D&adks=3497278971&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93d06f11db169b0c18ecdd02370819abf1841d0c7ed2ec2b8bff2627e62d5e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15070
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js Show response
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/ 1 MB
301 KB 43ms
18ms Script
application/javascript 2606:4700:4400::6812:29aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 405f393a4ee57fb23aff042dbcd2869beaa5f528cf4dadf5ccff90c7e331bba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: d39f98ec-9259-4f8b-896d-7ab58be1f900
age: 0
x-guploader-uploadid: ABPtcPp-vEBGP43nEi8sQ-w6v5g6LSsUBGGAbz_bItWNrwbSlRij_aAuKAObPm11bhA7ylYFykQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
content-length: 307693
last-modified: Thu, 18 Jan 2024 22:19:47 GMT
server: cloudflare
etag: "4490cbe1e8f8af7a73340ba8b4d84fef"
vary: Accept-Encoding
x-goog-generation: 1705616387276210
content-type: application/javascript
x-goog-hash: crc32c=dRDJ3Q==, md5=RJDL4ej4r3pzNAuotNhP7w==
cache-control: public, max-age=900
x-goog-stored-content-length: 307693
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68fe5f804d68-FRA
expires: Fri, 19 Jan 2024 04:57:16 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 2429 47 B
638 B 36ms
9ms Script
text/javascript 167.235.124.60
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0038.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 8b7c7be4a4fc51f92dbab683a20745614d6c642a619817edd9a3395da395b47a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
last-modified: Wed, 19 Jul 2023 04:42:16 GMT
server: Jetty(9.4.28.v20200408)
etag: 1mgt8qdajci7q35b3zsyfzgsq0
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript;charset=utf-8
cache-control: private, proxy-revalidate
content-length: 47
expires: Sun, 19 Jan 2025 04:42:16 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 344ms
343ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501753496430904&correlator=2496716387636277&eid=31079956%2C31080257%2C31079724&output=ldjh&gdfp_req=1&vrg=202401110101&ptt=17&impl=fif&iu_parts=85042905%2Cedgalileu%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=8&didk=2964956998&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&abxe=1&dt=1705639336242&lmt=1705639336&adxs=1000&adys=3212&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Frevistagalileu.globo.com%2F&vis=1&psz=399x0&msz=399x0&fws=4&ohw=399&psts=AOrYGsljxsWtZ2Q4TT-UZDZzyou1RSUjyJYU5ZB1px2C9pqu4VoWleVtWB3QsX0wxyr61-EFu4QGSY8u1YUj_xxpsBck4A%2CAOrYGsmJbfuqmsHyUY-I_NNtJ7tZFmqV5HJpIP8SGyZMFYtWM2U4U8RL8a-yPV3rZjDU3yV6SY-a-Rx4qblL8mcoZFOMxg%2CAOrYGsmef5QbN71s_cC3-9v5opS8YOHiHonFcydxQtUNBa4Xob1ndh22DoJCWtcmbQdhQtBPzDr48sVHFMAw9MmBNUgjSw%2CAOrYGsmSxrxP4IuTiDDD9JB5drAlIKo5_jwmf60jbHoPcM5jHWl8EzerHrTJEBc2_uxmGzRBTrAbDNXmt2OyMbHhxxzf1Q&ga_vid=2089446785.1705639333&ga_sid=1705639333&ga_hid=810549604&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_JmbgNIxSABSAghkEjsKCnB1YmNpZC5vcmcSJDFiZmE0MjlhLTUzY2UtNDAzMi1iNTAzLTQ2ZTM4ZDg2NWQxZhifmpuA0jFIABIdCg5lc3AuY3JpdGVvLmNvbRj8mZuA0jFIAFICCGQSwgEKCHJ0YmhvdXNlEqwBRGR0MFJwVDJ5NVYwa1NBWG9zOTVjQytFbkptSkNiZ0NOZ2kydy9VQ012N3ZnVHhoZEJLam9PNmZXNUkrbDMvWnFzWlQzQ1BGM29jYXByVU42U2owVWtxWUJQRFBEMzhOREdSTlZpWWhxRTlydE83UGpQSWJMYkNnV0FQd2w3WFBPYjd1Sm9OSmJQZGw1RW9PRklRbDZuZmdmWEdXN1RZaXFTRVVGN3RjQVpjPRjlrZuA0jFIABIZCgp1aWRhcGkuY29tGPyZm4DSMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2liamR1UTFSa2MzSlJNMlV3WTJRNWMwRkhNakpYZHowOUluMD0Yra6bgNIxSAASGwoMaWQ1LXN5bmMuY29tGJ6rm4DSMUgAUgIIag..&cbidsp=CvkCCAESFwoHc2VlZHRhZxDEAyACUgdzZWVkdGFnEssBCghhcHBuZXh1cxDcARqvAQoPNTMwNjE4ZTg3YjhiY2ZmEMHjChoDVVNEIgloYl9iaWRkZXIiB2hiX2FkaWQiBWhiX3BiIgdoYl9zaXplIgloYl9mb3JtYXQiEmhiX2JpZGRlcl9hcHBuZXh1cyIQaGJfYWRpZF9hcHBuZXh1cyIOaGJfcGJfYXBwbmV4dXMiEGhiX3NpemVfYXBwbmV4dXMiEmhiX2Zvcm1hdF9hcHBuZXh1cygBOgYIrAIQ-gEgAVIIYXBwbmV4dXMSIwoNc21hcnRhZHNlcnZlchCoAiACUg1zbWFydGFkc2VydmVyEhQKBmNyaXRlbxBnIAJSBmNyaXRlbxIXCgdydWJpY29uEJYCIAJSB3J1Ymljb24YAiIkYjU2NDMzMjctNTY2Ny00OWRkLTlhODItNTYzZDRjZGJiNmI1KgQIAyAAMgd2OC4yMy4wQKwbSgA.&dlt=1705639330513&idt=1252&prev_scp=Editora.pos%3DMiddle%26rc%3Dpub-retangulo-2_0%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.17%26hb_adid_appnexus%3D530618e87b8bcff%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.17%26hb_adid%3D530618e87b8bcff%26hb_bidder%3Dappnexus&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D5%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1705639332142%26prmtvvid%3D%26prmtvwid%3D&adks=162725476&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdbc397d54ec38ac605c18ddc3a969e8901224191269bc0716a0e45c70576ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15251
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 callback.min.js Show response
s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/ Frame DAA3 96 KB
39 KB 227ms
227ms Script
application/x-javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/callback.min.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/login-callback.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 55e355a0f86d6f7fe3b0b20bb64ea0f01c1a846f732cb38a7c89f07bfea8b6fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
x-openstack-request-id: tx838a528ef3bc4912afa14-0065a9fd8d
last-modified: Thu, 30 Nov 2023 12:03:46 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: application/x-javascript
x-timestamp: 1701345825.59577
cache-control: public, max-age=180
x-trans-id: tx838a528ef3bc4912afa14-0065a9fd8d
x-request-id: cab99ff7-e97e-41f7-9e8d-6aad29791531

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 28ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1896257967106140&ev=PageView&dl=https%3A%2F%2Frevistagalileu.globo.com%2F&rl=&if=false&ts=1705639336258&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.1.1705639336044.485419416&cs_est=true&ler=empty&it=1705639335928&coo=false&cdl=&rqm=GET

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Jan 2024 04:42:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6MZG9W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Jan 2024 03:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3247
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 19 Jan 2024 05:48:09 GMT

GET
DATA 200
OK truncated
/ Frame A4B0 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 2429 43 B
469 B 84ms
11ms Image
image/gif 167.235.124.60
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.46&typ=pgv&rnd=lrk5mef84bejs5p2&sid=4756157261768221469&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&new=1&arf=0&ltm=1705639336117&ref=&tzo=-60&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lrk5meoib6bfm9yo&ckp=lrk5mef84hpi8cim&glb=&cp_userState=anon&cst=1mgt8qdajci7q35b3zsyfzgsq0
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0038.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Fri, 19 Jan 2024 04:42:16 GMT
server: Jetty(9.4.28.v20200408)
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 103 B
693 B 31ms
10ms Script
text/javascript 167.235.124.60
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lrk5mef84hpi8cim%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%221mgt8qdajci7q35b3zsyfzgsq0%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%221mgt8qdajci7q35b3zsyfzgsq0%22%7D%5D%2C%22siteId%22%3A%224756157261768221469%22%2C%22location%22%3A%22https%3A%2F%2Frevistagalileu.globo.com%2F%22%7D&callback=cXJsonpCB1

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nue0038.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

755cc3365108c032a896d7b649e81a958a00fc6ab10f238c6f91558d6217fe6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 103
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 266ms
266ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501753496430904&correlator=1524295312325118&eid=31079956%2C31080257%2C31079724&output=ldjh&gdfp_req=1&vrg=202401110101&ptt=17&impl=fif&iu_parts=85042905%2Cedgalileu%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C970x90%7C970x150%7C1190x250&ifi=9&didk=557148463&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&abxe=1&dt=1705639336354&lmt=1705639336&adxs=200&adys=1143&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Frevistagalileu.globo.com%2F&vis=1&psz=1200x0&msz=1200x0&fws=4&ohw=1200&psts=AOrYGsljxsWtZ2Q4TT-UZDZzyou1RSUjyJYU5ZB1px2C9pqu4VoWleVtWB3QsX0wxyr61-EFu4QGSY8u1YUj_xxpsBck4A%2CAOrYGsmJbfuqmsHyUY-I_NNtJ7tZFmqV5HJpIP8SGyZMFYtWM2U4U8RL8a-yPV3rZjDU3yV6SY-a-Rx4qblL8mcoZFOMxg%2CAOrYGsmef5QbN71s_cC3-9v5opS8YOHiHonFcydxQtUNBa4Xob1ndh22DoJCWtcmbQdhQtBPzDr48sVHFMAw9MmBNUgjSw%2CAOrYGsmSxrxP4IuTiDDD9JB5drAlIKo5_jwmf60jbHoPcM5jHWl8EzerHrTJEBc2_uxmGzRBTrAbDNXmt2OyMbHhxxzf1Q&ga_vid=2089446785.1705639333&ga_sid=1705639333&ga_hid=810549604&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_JmbgNIxSABSAghkEjsKCnB1YmNpZC5vcmcSJDFiZmE0MjlhLTUzY2UtNDAzMi1iNTAzLTQ2ZTM4ZDg2NWQxZhifmpuA0jFIABIdCg5lc3AuY3JpdGVvLmNvbRj8mZuA0jFIAFICCGQSwgEKCHJ0YmhvdXNlEqwBRGR0MFJwVDJ5NVYwa1NBWG9zOTVjQytFbkptSkNiZ0NOZ2kydy9VQ012N3ZnVHhoZEJLam9PNmZXNUkrbDMvWnFzWlQzQ1BGM29jYXByVU42U2owVWtxWUJQRFBEMzhOREdSTlZpWWhxRTlydE83UGpQSWJMYkNnV0FQd2w3WFBPYjd1Sm9OSmJQZGw1RW9PRklRbDZuZmdmWEdXN1RZaXFTRVVGN3RjQVpjPRjlrZuA0jFIABIZCgp1aWRhcGkuY29tGPyZm4DSMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2liamR1UTFSa2MzSlJNMlV3WTJRNWMwRkhNakpYZHowOUluMD0Yra6bgNIxSAASGwoMaWQ1LXN5bmMuY29tGJ6rm4DSMUgAUgIIag..&cbidsp=CqsBCAESIwoNc21hcnRhZHNlcnZlchCaAyACUg1zbWFydGFkc2VydmVyEhcKB3J1Ymljb24QnwIgAlIHcnViaWNvbhIXCgdzZWVkdGFnEN4EIAJSB3NlZWR0YWcSFAoGY3JpdGVvEHUgAlIGY3JpdGVvGAIiJGFmYzMyNzA3LWFjMjctNDU1ZC05MjUzLTkzMTA4NjI4NWNkOSoECAMgADIHdjguMjMuMECsG0oA&dlt=1705639330513&idt=1252&prev_scp=Editora.pos%3DMiddle%26rc%3Dpub-super-2_0&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D5%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1705639332142%26prmtvvid%3D%26prmtvwid%3D&adks=1319022583&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623ca1945ffa780caa18c39b5049941bd9a94428538cb8344cb565666ea18dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15233
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CEA9 6 KB
3 KB 17ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:13 GMT
expires: Sat, 18 Jan 2025 04:42:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame B39A 126 KB
78 KB 30ms
27ms Stylesheet
text/css 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVY9LH1NCBIW&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_102b08c3603161dd7118-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d223768c8c211c108349645cb062a9dcdb5456e9abc8c6a36eb06366db6fbd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVY9LH1NCBIW&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_102b08c3603161dd7118-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 5907
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Dec 2023 16:16:48 GMT
wn: prod-dash-10-0-92-102
server: cloudflare
etag: W/"128533-1702570608000"
vary: Accept-Encoding
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 847c68fc8cd81942-FRA
expires: Fri, 19 Jan 2024 06:42:16 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame B39A 95 KB
30 KB 18ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1822062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30360
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWfxJ6xAo6RyDvm%2FVqn0huLYJlQpvTqAF%2BK4ild5fiUKT8U5Kliu48860zl5PoOgG4wDmjFvjYRrXlWdb1KH5FopdLkvvNUZlw5BNQ%2B67k3nUUPwdRB85%2BZUKJFvtKjwY0dnOoaD5qHNJrdo2CkSMmqc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68fc8c8568f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame B39A 10 KB
4 KB 20ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3577882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3550
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Gu413Ein792JI%2F6mfRWp7oXWVVj%2BfH8GXrrRkfsW95C4t1juXHQeM7usKCPzPWn8g432R%2BKK30UwdPPACHtQx8ThxBC9NIarTOZmTHbiJR6UPrHhIoy1Fz4TpH0mb0XranetSx58TH444s0dhUEMxmh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68fc8c8768f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame B39A 104 KB
35 KB 27ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6127341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35086
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-1a191"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGULInxxvbypNAqqUIUuE%2FmlvzNdBVR7UDj9GygIStPkJUjfVyF6g8B6jRBu2VUsL%2FXl3QVxYbPhisrEHs2LiV84JLgRuhjb%2F4KkTsyoolyUKBZJYp89uh6%2BmUGi4gn8o08s%2B3AbZtLkfwCYXPv1Sczn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68fc8c8868f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-animate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame B39A 11 KB
4 KB 23ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3579920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3978
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-2bd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjSqniiVWp1IgFuePPTJJa5iptBJC8MU2I6KiFP1VsS5nt%2FRsCAJjItojlNkcNoFEyDD%2FHHXxp4PN%2BtRNUwj7e7PpIG1nkjwn1Ng4JRVbjK6KF4%2FfoZwzmGdZ0Ycpre2pHN59NviKxRfbveuSi%2FcKQ%2Bf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68fc8c8a68f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame B39A 825 B
757 B 18ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3061477
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 434
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aj8zjNwESKZw30ITWwYbYQKwntRl9TLDQ2XOa6Fqumy%2BnmpiEMUcsTZEy7KIm7taMPFgU94uUP%2F%2F%2B0YXqDAuKea8umwDkAk5ryXc6Tc32lcVOqTWbXcgfJ%2BJT13oQe3iV7T9%2FQUhxux9NGF%2FEZjp5Eq0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68fc8c8c68f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame B39A 4 KB
2 KB 22ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4237685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2171
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pA0KESNh4HDlDJjKqFfiFbhypQXkJBxEy%2F5BQ46Z8P1GTW46tETf2ZMeZbK7xkSsi%2FRQN1FYoiHI%2F97LWtJs8h1heG4JIeY%2FNAvYjdUJGnLf3q7fpbMUx4vIBKNQ%2FA7Xd08GMrQVOIzQ6pN9%2FALBYa8G"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68fc8c8d68f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame B39A 3 KB
2 KB 25ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 24271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 953
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHQdFwKpdT%2BFiVBH%2BFi5JoB0QWvkjcXUdbLjXvohA%2B5dD%2BJxbqsXSEvOv7mQ87jjBqTGLPPGKo31hB0R3Lkrv6%2FTAW7glSP9h8ag0XCbSCJ7QcZblcD4whw1jrqQL1R2iAWaKJvSRv5aoZuGBSXzaOOT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68fc8c8e68f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame B39A 23 KB
8 KB 27ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6220555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7490
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRBr5fwUPhGtLBA%2BkKCTyj44mEA39duUA35GD8PPzaepgzu0KqpWzMBh6hEx0bXq5HttBeqFcyw0whGgYa1cwMJM9nJhkq5Cy%2BTHRvlYY68AP3PMh3uM%2F1uUq3zN3p%2BCBx6KTPhIHyKlxIgdxiuiAIMW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68fc8c8f68f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame B39A 2 KB
1 KB 20ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5961324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 910
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-93c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I16b6PPYzUJDfMqXTyK%2FR0jHoW6U2Msi0UPV27PrAO2PUHPkBOtavndeCmRqOxrpqyRkQdc2mklYm8lJuPis4NEHwOlehOpzQGUx0cOJ90FQjwk%2BdU0XRneFCvZxNyb6EN4vx%2BOXCUYa6jE1q%2F93%2Fods"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68fc8c9068f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame B39A 20 KB
7 KB 29ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5993060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6934
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Racnntcpsnq1uEQfoEKmUUGNa7B5FBtwlI2Kw%2FNFoWj30UDj1m922Rr43v4qrytOv0KvtGKJzCXRsVDyHxRmhlzmxiJ1ARy8Gz7BcAg6BXhB2utun3lKMSCPF0u4tpJ0uK%2BnnrRwOl%2Fw%2BRCNLf1DnBRN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c68fc8c9168f2-FRA
expires: Wed, 08 Jan 2025 04:42:16 GMT

GET
H3 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame B39A 33 KB
7 KB 125ms
122ms Script
application/javascript 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=VnaP3rYVKc&version=1568388702000&language=en_US

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVY9LH1NCBIW&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_102b08c3603161dd7118-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Mgqrh7svpHs
pragma
wn: prod-dash-10-0-128-7
server: cloudflare
vary: accept-encoding
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 847c68fc8cdb1942-FRA
expires: Fri, 19 Jan 2024 23:42:16 EST

GET
H3 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame B39A 67 KB
13 KB 39ms
37ms Script
application/javascript 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.91.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVY9LH1NCBIW&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_102b08c3603161dd7118-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 77921
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Jan 2024 14:15:10 GMT
wn: prod-dash-10-0-113-168
server: cloudflare
etag: W/"68959-1705500910000"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 847c68fc8cdd1942-FRA
expires: Sat, 20 Jan 2024 04:42:16 GMT

GET
H3 200 H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame B39A 121 KB
38 KB 45ms
43ms Script
text/javascript 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.91.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVY9LH1NCBIW&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_102b08c3603161dd7118-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 2280
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Jan 2024 14:36:50 GMT
wn: prod-dash-10-0-113-168
server: cloudflare
optimized-by: _sam
vary: Accept-Encoding
content-type: text/javascript
server-time: 0.001
cache-control: public, max-age=602520
cf-ray: 847c68fc8cde1942-FRA
expires: Fri, 26 Jan 2024 04:04:16 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame B39A 3 KB
652 B 30ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

216c8994eeb343b3588f234794df0cca8958d6c72b01b510b4156bc2d03a3840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 04:28:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 04:42:16 GMT

GET
H3 404 style.css
buy.tinypass.com/checkout/template/ Frame B39A 0
0 46ms
44ms Stylesheet
text/html 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/style.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVY9LH1NCBIW&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_102b08c3603161dd7118-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 82
vary: accept-encoding
content-type: text/html
cache-control: public, max-age=1200
cf-ray: 847c68fc8cdf1942-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 19 Jan 2024 05:02:16 GMT

GET
H2 200 gc-footer-desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/galileu/ Frame B39A 11 KB
11 KB 227ms
224ms Image
image/gif 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/galileu/gc-footer-desk.gif
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVY9LH1NCBIW&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_102b08c3603161dd7118-0&displayMode=inline&widget=template&url=https%3A%2F%2Frevistagalileu.globo.com&customVariables=%7B%22onBoardingComplete%22%3Afalse%2C%22nomeProduto%22%3A%22galileu%22%2C%22nomeEditoriaPiano%22%3A%22%22%2C%22nomeSubeditoriaPiano%22%3A%22%22%2C%22semPaywall%22%3Afalse%2C%22urlQuestionPro%22%3A%22https%3A%2F%2Finfoglobo.questionpro.com%2Fa%2FTakeSurvey%3Ftt%3DrYwy%2F5SbLLgECHrPeIW9eQ%253D%253D%26slt%3DM%252BjMdV99v9bPkfJL8NS%252F4w%253D%253D%26custom2%3Dbd_suser_code%22%2C%22giftUrl%22%3Afalse%2C%22bannerContadorLigado%22%3Atrue%2C%22buscador%22%3Afalse%2C%22currentUrl%22%3A%22https%253A%252F%252Frevistagalileu.globo.com%252F%22%2C%22urlLoginSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2Fundefined%22%2C%22urlRegisterSimple%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2Fundefined%22%2C%22urlLogin%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogin%2F6697%22%2C%22urlLogout%22%3A%22https%3A%2F%2Flogin.globo.com%2Flogout%22%2C%22urlRegister%22%3A%22https%3A%2F%2Flogin.globo.com%2Fcadastro%2F6697%22%2C%22referrer%22%3A%22%22%2C%22exAssinante%22%3Afalse%2C%22AssinanteGs%22%3Afalse%2C%22linkPresente%22%3Afalse%2C%22anonimo%22%3Afalse%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 5344cb498819bb08e8c4e1adf068df5fcbfba075a783d68ed0b9583d3390a774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
x-openstack-request-id: tx0e2c15e198a1445083f1f-0065a9fda2
last-modified: Wed, 01 Mar 2023 13:20:39 GMT
x-thanos: 0AB54006
etag: b016d0ce0e21297ec8b98784726449f8
vary: Accept-Encoding, Origin
content-type: image/gif
x-timestamp: 1677676838.02456
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 10937
x-trans-id: tx0e2c15e198a1445083f1f-0065a9fda2
x-request-id: 63543382-767b-467c-8598-467582c9deea

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 44C9 640 B
308 B 62ms
52ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMigmAEQqo3fARjsq7yCAjAB&v=APEucNUdfU6lTdRwz0x15PgxZNXVg-OG3JvOovqeMV7cuCsoUoabzMa_4jh5q4qCD2FkNe8a8kN18iOvaKiwXWE8QuAT4JeroUBqpJxSEHO0U280-IUXGVepOMfCbL28eyTgu3z6WZSxOsFMjyNaTO9IvQuj3TtSeWSMOo_99YCefIhuIpU2HbU

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CEA9 89 KB
31 KB 147ms
142ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 04:42:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEA9 42 B
63 B 50ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BogxU1K8CWPtGzMG88puS_okgWDPWQmRZoBgXavnQGjnbAb0pqcWuKbitZ0V5S8j8IXKikO2pVrF3VqqoKeDCFncCNgg_xEkBQhCRLyFuU78avCSY

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1806749/77544531/xbbe/creative/ Frame CEA9 278 KB
83 KB 110ms
37ms Script
application/javascript 34.251.209.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1806749/77544531/xbbe/creative/adj?p=APEucNVQBM3flZcx85qGvX5SklzynvfAD1oUAuVOEYjtags22mxCcKg&d=CpkBAKAmf-C7LS0bG2z4AdvDnJO1-LMZR3efykncthM7z-eugcYcuTDn7Np6-7GpQyB4QAlTaTtcRL0PWTctPdvqQURg4X-eU233IxF2HLsvukbkmpsvXYfgiAS7qHyjepVNR7TcdBAhv8efRpJ8cLrCkCeqP_dv2nHo86IfIWVURqQ6sj8LbnmLtUbZy4Twj5Cu8Wvb16BxqshHEvkWAKAmf-DUqWLgYz-x-S23RglEqF1SJ7KkkM_jqZb9ZRXMyoFAS-0L_XkQP2_c7A4H3fb3Be0UTHf3DmGSjCzgB3vy-BpwHM9OZX3yMqDcTnBb-WfquJ-1u8z-ySvH1GEzl0LjM-fau8SLoJ0XUnHrlR6EiqHprpfvDag82M-t9zr_5T_JhIiH0BeL4kwE05im9VL1iK1NuTdANcA5-WFSSv-hTHhU1KvNO170NWMimpvWd3Y3R2qcp5szP2Nd7Uh_r-6daB_T64yaokVqhHuG44QEsRUDI-niPCV9M2SfAcahN37GG_9-snHqgZnOwnOZRwTCksaaAE1AuNLyT6mn_fOD4BkmPNK0BwDGtSvMOgJNVHytjY4eIrQSa5altGqwG6OAUS1Op7PNbx6Fyu8A3dN6Wt5qGMYTPqbwtMdAn0plZbXMF8GQlHDaolSnQZjUutEGzlJjM6s0BWx3VjnXVsvQeLa_l4sQmg2zU4stdin7r7T62Fsld6DA_4O7qFdN4gLBNaAzvbGr9_PT-8dxeliIbvl7klR5bfE6WZgvhcakRgvubXRGf-7JnQxouVcPO-kyUpUQ7_27L_eIrzYPOf-XJArlQiKe7KAPSa5Ok3VeU2ZtoFCuv2PvML1SkPkKOt1zXCIhniUbOm4WqI53b73aLilDOvlecQLSRPddzBuvI4c1FzjTqeGK64L2SwOFqG62s95j8bbyCAd-kBE8pQJGloE5vU6nMqaV1RW7O45H8_ENNHn3B1B3CYsMz8AB08fwzh8dpqMN6ZuZmp23mWuISg50eA6ZztXuaMZ7J_11db99w6ulasd8MYv6NXi9YeazmvkSmuEYo34EiJvHdu8_7AHQ7hIVA1wx6q2Dq21uVD9WtJ9_18utrqbDaF83PTKofS7H3sy3VHO4dnu2uOezzMizEUODutE_pxZDpYa5SGU-zK8gEC5FwWB7OnCyV4kXKu1MRaraASFhGH0naz0dlyj_Dau6XM5RxOaebpW6mtdn-Sgfkt9PqpD0ooPMWfIR9DqwO6lLQHI-kxkW5uQDCY58oFpsGL6Sm-BnZe1Dugyi5dn_dKRfWPcBnNl464vhfAQ-3PciCN57alMMh4RjEub7lTqQFxiD2oZwVjxYfDMPISlg-Y12OoZdn31tVM3usG3rsfqE0Z1c6PS0kFp11b5yfTVtkq1q9Nr19L3PkqE4NTxkCdTYvg2scm7EDFAsFfo0CZv2Sy9tlQ_bvnTGL3L6ICovJ2WOngZw3oVzBZQWgZnlG8oSMqzqL-1wWg9vikqJii_rKmDDsMEwbcgeyJdROulyZ3vvOxxcnPd721W3I4xwiSB9x2MFtXBM73FfJdsDBARbmZBwRcWBT709UH0uCf816piGZdMwtcPgq6PMDjOBa9mGOe9ETUjKvrt0bf9S_0ij4ekzErnvOe7OaggljCPu-VEc5AJ23BowRzliSAeFn6kCfkydoPPqklAlUgPGjMzoNVlOgXDfFLItSoF--8rBcX8RTLRCuh2_N-UPbd_W1qTiXNRdei3NOPCO9qhR9jNBQl2QX5QxRpfxI9b-ovhYXTdUuow--B9rAODabHRPhBnpwLNjyvlNem9qhrM6IY0vejoLvAgtVsOEcBwzp6xAcZn-4wwLcgSszulUckgR0wqYlepzvyOn-ww4zTcC2pOTv3ZnbTr3URTQia7Yg1Z4GqMVmrxnKEeY3DfkVjP65CQI_yG1kNjt6oCxCrTH3iEYBsjY9dmR-Y6Ycj83jh480IFH_mn_PHFCAM1ouv40ptKb6Rc1WVQ9zkqjmU_MvDlclyO4uapsR1GDXcX9meaYRZO0cX99__gEZjDHoRo6fH8jE8_7v7JN4RQofgJg5xF1Ye7APZvWZvNgDJCahcWGuLthkXJoMV7v8sBB8anxximt2AHlm_Ux87kIovHjVYIRkRiWxghkk3xppEHcMKJlnXg3SmEmuSk57pGChb-SEZAr-o75xvHKbK2szdscmM5LRSuCDvBRgtrsC__9fslzqHHDA8HOzzBAqMIF1f_8sTHDymHE56sd-B5ZI2BU8uJ5qkx5N08ckcvAuU_SLoZWSqwUISecXT1LPc4AWylIQViSxjxmD-SCnfOE-jalKD1A-CwlOsHOrvPxDek9UqT5hcylbJNHA5Yzs_-hzFIHW1gxVyn8j5Z4V5q7_VbhN9K3i0DJ5fy4yKJdfCU-Rmh9sNPoskwHvB_8M3rRZzikMfEUCMVdXL3Ed5-8psMwUXq_6S8LNn7LGLzkmSJGN4tocqDusiNNkz56I-NkTqXR1zbKWfg0Fq1r9rbim4T9pntc0zGtbisE7kyDbyRwxZwtghCqa6obbUsakamos3F-K0rCeqvWTaZ-Ww_jUQbUikJ4gh_AspjeNyK4i6hlc9f_vPia_z1hOevKnn7b-sAQPKtNCHXWQPgtT-WOfVR9oPD2piGGnQGK1EAb6PtubcBhGznKnSDaqG9DrvtX_XT5uoTflTuzWh1pNgmUPyl0YZYBgktD6s1cDp4yokX3FYHTjM9U-RI7wwSrewzfqszHSk4F9vJBysS2ZHCVXQ-9x17jQCcPP2VhES0ocVITxgqzS_hUVHJHZbV1rCh8eB1izEBUusZLWUZwv9o9IK-kcybMPgtVtBEVHfrmjRWGRucJqTspe0AB7Q8hDEl6lDbxc3zI7TLx48dlJl828Q6ra9G40JOYS3vLcJ60M8gzbD-oNRsRzKOhZjTZ8JBiozGYHxaV6PzOL7hRW-Z_YwleCjc1w_aFMOQZTm5b__Kp-Soy9CiYaNpb7G4tuU9KA6CDaiyNciCj1OnzM3d5WUOFKxSDk1CSrvi0S0xjhaWgb46TDuG2nAc0ov6dQXHvCyjIG6N45Kn0OMchaH-da2looxHkkJa-Frtgo6wY-Y4LRbNJ0z16gA9r4EhpwMVEDQTEdqM7u8Mffn-AezEwmzxVA8zykFdYL-rjpyh7s5uPFg_6pPs7M2BsHPtEK4c0sKALLOBO0m8v4G1FtsX6p_6112eed5flstv5IBhGg9kLK9srVI2bQUkv_aPIcxVJSIlfSNqckbq72ljllMw8r1oVIQahmu32RGph7Y5mPlVGpddGNZD1RCtSn5CO-bmItCcSU8WbHYOqQJa4GUZQVIwsUVMm6CG6Zj8dQMVmPbmIj6aQocw5OiHeg-bCuhD4stL_oI3AOn5jlazzVozIZ2AQVQTV__yvdpEl8bClAw6Y53EZ3jh4hMRSpV2QLX-l_IVqKbgs6YjhkqTcqSTsoR8ggojf8m79jCi_9B8adJL3XEDchvTB8IyjZPvYIA33vxm2YNa2YIv7X6CphS8VAtTgYNOxgL2QPFRBUF98S7G4c9qRl5d8KZdC-pXJ7Rqnssgb3cL4FulKrTVrtVS4YpSCpgmqvsSiVMK6qa9ZgPZ_PesY95t1NpoDgWj1rBp8mNHAurXdQETiJ-vlCegJOBmIcoJ5QjbJZL5aSBO-_ZO4GApRIxFqQQ44Uu-8_XXXXRiq_SrAh6kW2K_GcyA4edZl4Rl19z8yOC-puwvY5D69bx3myg8cBoDIglHHGSz0Zrds59L0_jwdqVONY1qlb9qJvMFQXnHFj-JGH3AW0_pyqJNYEp19n-QLYan_ZckzqDxBKsuq5StPRl8d-L6sVjYBxGuEj7qZfY6RmnYX_Jb7cuLz7cPi5iIVmxPeUAQMjOCR5X6z8NCsQA7GoiW8F0xEC6ZX6D7pNHdZH5EYfanwoxBR3WBtD4C9FH2UFzPOIaHGX0brq_O1ufUFQSB01hnN82CvRE9BVDfDzJ_rSfUM2MyfjZMGSfcri8Na5T-wC7vsbZV68NxAOqMzE1oII7eIXTbmK5qRy5gJaa8eg_XIOosJqgCm_jlm0ZVKaUMZw4dzh9OZfKkl2Jj5kApsfSjqvPMWGkEIBBI7AC8eF_-2wajCLT3gtT7s8lG_70geu2rRDvwQXBA3VlVzo-W3AWZ3OachP5sbVifOVooJm5y7Y0C6jk0YAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1015139120&ias_pubId=pub-8828587149473437&ias_chanId=1&ias_placementId=20855602476&bidurl=https://revistagalileu.globo.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jhpaJYC0lBaqne3c-BWmE4
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.209.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-209-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9ef394107fe4abdc8cf901ce04a3b6b59f614a9db4f50c0f1683515fc81c80eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame CEA9 3 KB
1 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame CEA9 20 KB
8 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEA9 206 KB
65 KB 32ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 04:42:16 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 44C9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEItBMQ_vZN60UcPmZdbUPV0&google_cver=1

43 B
105 B

21ms
20ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEItBMQ_vZN60UcPmZdbUPV0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMigmAEQqo3fARjsq7yCAjAB&v=APEucNUdfU6lTdRwz0x15PgxZNXVg-OG3JvOovqeMV7cuCsoUoabzMa_4jh5q4qCD2FkNe8a8kN18iOvaKiwXWE8QuAT4JeroUBqpJxSEHO0U280-IUXGVepOMfCbL28eyTgu3z6WZSxOsFMjyNaTO9IvQuj3TtSeWSMOo_99YCefIhuIpU2HbU
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEItBMQ_vZN60UcPmZdbUPV0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 44C9 43 B
210 B 38ms
19ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMigmAEQqo3fARjsq7yCAjAB&v=APEucNUdfU6lTdRwz0x15PgxZNXVg-OG3JvOovqeMV7cuCsoUoabzMa_4jh5q4qCD2FkNe8a8kN18iOvaKiwXWE8QuAT4JeroUBqpJxSEHO0U280-IUXGVepOMfCbL28eyTgu3z6WZSxOsFMjyNaTO9IvQuj3TtSeWSMOo_99YCefIhuIpU2HbU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 44C9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKAXu4wCbahcBDsx51K6pec&google_cver=1

23 B
163 B

123ms
39ms

Image
image/gif

2.19.104.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKAXu4wCbahcBDsx51K6pec&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMigmAEQqo3fARjsq7yCAjAB&v=APEucNUdfU6lTdRwz0x15PgxZNXVg-OG3JvOovqeMV7cuCsoUoabzMa_4jh5q4qCD2FkNe8a8kN18iOvaKiwXWE8QuAT4JeroUBqpJxSEHO0U280-IUXGVepOMfCbL28eyTgu3z6WZSxOsFMjyNaTO9IvQuj3TtSeWSMOo_99YCefIhuIpU2HbU
Protocol: H2
Server: 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-4.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 19 Jan 2024 04:42:16 GMT
pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEKAXu4wCbahcBDsx51K6pec&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 44C9 23 B
163 B 156ms
38ms Image
image/gif 2.19.104.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMigmAEQqo3fARjsq7yCAjAB&v=APEucNUdfU6lTdRwz0x15PgxZNXVg-OG3JvOovqeMV7cuCsoUoabzMa_4jh5q4qCD2FkNe8a8kN18iOvaKiwXWE8QuAT4JeroUBqpJxSEHO0U280-IUXGVepOMfCbL28eyTgu3z6WZSxOsFMjyNaTO9IvQuj3TtSeWSMOo_99YCefIhuIpU2HbU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-4.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 19 Jan 2024 04:42:16 GMT
pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 load.js Show response
pm-widget.taboola.com/editoraglobonetwork/ 13 KB
2 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/editoraglobonetwork/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdd8a03d4f991abc68b26860acf789b9ab8b01bdb33b59a9f5861e68ca07f6b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: avFu_8YDlMZk2FadaSnJ93_6jfhKujAJ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 19 Jan 2024 04:42:16 GMT
x-amz-request-id: AJAQ6631SS6C6VZ1
age: 2121
x-cache: HIT
content-length: 2158
x-amz-id-2: LJ7T7Oby64a2mfP7F+EoAZ8tesbkeJYv4yoECtCb3M079YtXZ5QHRkxol/wOh9Y0GsxzZkxhgnM=
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Thu, 28 Sep 2023 09:53:53 GMT
server: AmazonS3
x-timer: S1705639337.772921,VS0,VE0
etag: "1a3a4c01368008685ab73c00426c052b"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 11

GET
H2 200 impl.20240118-41-RELEASE.js Show response
cdn.taboola.com/libtrc/ 841 KB
174 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240118-41-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 804c82c1f71019d6f077585d76d632a0359fffe3ef1c5b3a3cbfc80319b4aff3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: XnUF.t1z4t2S_Zf0KcnODXR05f_WLNQf
content-encoding: br
via: 1.1 varnish
date: Fri, 19 Jan 2024 04:42:16 GMT
x-amz-request-id: KY7NMS3T64M6WM4N
age: 1484
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 177634
x-amz-id-2: NKn1Bnihluo6j9AjgC5Tn1fqZBzqyXbVTwKhmz+I8sDAQsTxUxENx6NSGefSwYu7Ml1JWvMDWsg=
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Thu, 18 Jan 2024 20:17:31 GMT
server: AmazonS3-br
x-timer: S1705639337.517290,VS0,VE0
etag: "cd33b4a66bfc73e151bf02608aef3fbb"
vary: Accept-Encoding
content-type: application/javascript
abp: 96
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2699

POST
H2 200 json Show response
trc.taboola.com/editoraglobo-galileu/trc/3/ 38 KB
11 KB 120ms
112ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-galileu/trc/3/json?llvl=2&tim=05%3A42%3A16.518&lti=trecs&pubit=n&t=1&data=%7B%22cmps%22%3A2%2C%22id%22%3A%2280771%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1705639336518%2C%22cv%22%3A%2220240118-41-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frevistagalileu.globo.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Frevistagalileu.globo.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5995%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-b%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cd%22%3A2767.16%2C%22mw%22%3A750%7D%5D%2C%22rtui%22%3A%22cn60u5megnxVxzrTa95iPgwOG8ImbzEl%22%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-b%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1705610720075%2C%22wc%22%3Atrue%2C%22psb%22%3Afalse%2C%22pa%22%3A%7B%22en%22%3Afalse%2C%22su%22%3Atrue%7D%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ae2a894f033630d31cda16ee77cd402451826a8c5ad52a883a9a5a6f6c9ae99

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 103
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.12104166666666666
x-fastly-to-nlb-rtt: 7560
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230026-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1705639337.530680,VS0,VE103
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame B39A 32 KB
32 KB 17ms
15ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:17:50 GMT
x-content-type-options: nosniff
age: 181466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:17:50 GMT

GET
DATA 200
OK truncated
/ Frame B39A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame 146A 32 KB
32 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:17:50 GMT
x-content-type-options: nosniff
age: 181466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:17:50 GMT

GET
DATA 200
OK truncated
/ Frame 146A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
788 B 24ms
22ms Ping
application/json 141.94.254.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.254.117 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy07.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEA9 0
20 B 44ms
44ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=122494188318&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEA9 0
20 B 44ms
44ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=122494188318&version=m202309260101&ct=76&x=1&cor=880530951580817200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CEA9 16 KB
12 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1LZeo9WoG9lWqr4jI68B4WAV0UhkXysio62c3ux86vomILITC2PFFAC8yJ91aEQWQVZv0tN910gpZaLR_k4_UU1MK7ofgx__vk6mu5W3PY5GPlQhQeFQqE1GdPvLkOt9-JywDbQ_L0vF1P_RqfxDCMaMc6g2LLIXSnIg9_6bedO0e-xo&cry=1&dbm_d=AKAmf-C5xeo1tE10cCDY9Bd0A0SK5GnF7BFOwLhpOt3Wh54RKKHY06FF4IyAKlVsh-gLVXkPUIqefAn5XohZxqhwKGWzJtFixPGAVPKW4CMTk8XUfsQjhAFeVFMPYX8utfCbpeqCqvYrV3H6U55LXJnziZ9Tebi2ylRGlVAw1hN0lHlSnE3cWB6kF1FRq7u8SF0fAveyQQ60CDsstsGIUUevoDNtOfEAh0ZQSQRD8M5iOI4jpnYetGan-ksi-gSUap0fdUWszxAf7WzwLb9e-6HSzQRGItC-KDqx1z6eJcWS-fjbKUlSKD_gI_LEwKjojkYFuqTW2PZyz0tDt6T3-d7haime8u9DQ8Dc-qWAD9cSpIcDjPKlD5b_mFb0uz3EHtvAeKmZO7mg39UHqN7kjYFDtbW-feimmG-vJE56MAzf2sEg7wuDQRjbKDi5pjQMK1sbOmBPWZG6jEEWitZLkj9WJbTCD3wGmSy1P2-0UxR7Sc-VfyRx9Iu0eYzAyfpI6Lkjs9_KW7kosOO9uN4g2ZPZnsMaQ2mt-lSn_rLB8afErEyGVVmC7PVmazsJd-cCEYo8u6mRIR9KkdiJde5sOlyURkHJwxQMusJnCM1lnRgQYMdNwgW4XoKPuKhQCrcsaHcWKtidfI5-YPMQICUdf4ocGfueBw-V9Rw2jOw5HXVoLftmUQXonBBZvlOpPR80bj3_ZNrP1qGjsiTuI4Bp08zOc9R7koHj7VwrGP2Obb8HwQvFSYjmx6t9IjUSp2hoPpUHkN0ASWR_avfz329nfsqy7d3acM4_MLQco0PV7XjUYf67jxucBtysP6xSP9Ba9BhNcHN0zVj6xA3o3ixPj_7G-9so5GX1pp_HQiewVtwpPqgpc2xvQ1W8BLhVKyrpoQMeWxc8hLpiA7Vg-BNFCzOkiyb5ez_bWiXt8RzZEa6hGz7W-ZcAzuE0c5ffaxyo9hw1OAzwtPjEm4resQ3234kTVcxHNuAXo82NR6Z0uWXSqirjBSp_rcNvaKXVq4m9ScD8qB5PEn0kqAvNjqO93NOr9GW1UYPeajaZ3XqIuz7xgMOfgqZ7A-l3w90lCPcV6Fsrw0S5ql6Q0wRuAgr5_Rig-vT7t4kbg3LVtPc7x6SGhjyRPVtmkQV45dT32trw-2E5QSeJai4d-JP1HlifVcb2W2EE96D8x29BkvvIvrh-Mq8gD3TSg51SfdklXz7K3s2ta8kBWIiuM_iXM1vADADFV8tijZecU43G63n7kEizgWNFvO6O6akPwnS7w9BH_Xtt0EZ-i-pIZdpxbyFY5PL1n5r628sxZnTeYeVsZxMUHBPrTt-aOihCLrw6iQ7bKilwI1O3RhV5-NmZ7Kl2Dq95WhH0yOMiGIwV1LwUDkagLqVxwzbyGlx1QIM0xtATEJ3MARZEuLuflmSXXtmkYrHesQ1M1ahQprNG3yFjff5S2Cq0MWMkp4smZNDn9Hx1N1IKPugXUmcstUHIBq6MSFgbYLpZ5R7EsjOm4ciinhYHqInw9qzmx6pWrtTEuTz4IYDPIArP1KXd7tcC0QfXuImp_To44QE78ZPGBYzp0WtSXGOsXTTl8Cfn_MIIPSfqX42srXCe8PeU0OOX896Fr2Id-BvYplFkiPmuj0NfNVsnXsLC2fCnR_NmvwAl_eZ56cQAzKxRBYWwGX_fB_8NJeXGIK20vF0UoyoX0Bhj6-o949htjxqbQXegz8PajbT4XhVPKSW0L0NZsjxRsH_rqwKyCyLJYFalLkCCHrn1otw1llu3cbz9yOM8snoqbbjethfBSkFa0L9MLIlLT3untOnaw1qTlxUm_hmhuJgsxGWyY4hVqsmVcxGYbgt4qVWOG8oV29WIU0Fi0-BhUiT9Z7VvlCNB0wrLFazuEjJLl1W4q-UqtRWElkuexfGTVNFeEJUwajfnS-pyxsfOYIndabNLiCur3W2K7fbOnWe3iKiwmWQ8swNAsQFyFlkWUoywqsU_stBpqV-Vdi8z1pDmgpsckuDkLiij1eC73KlodhcNnATmybYyWGck4srdWrtMmfvJUg79izgfKhMGKjbqVCRR0GMA1fnwFtoauTRwfsGaCDbisAKnVrN7IG03t8_Nf4bfMqC-HoaADbBLN44qtzmBGHn_-TDco5I4Mgq7VLeTN2T2KfgT9lxoyWfUiOfixtB90NHLK7EedfptHskDBwP_cDT99g0v-ZL-hfaV2cVFxJlNoOQ9JEBivTNfLfpCIXceC4H7WPaNmu7oqgYCD0fS5YDhIjXqEPyr7mLsGuUN5qWXgndk7zyooFMfAUE4l4txc_dWUDLIy49WKdTdeuH3Dg3TdlkGA3Oh-nyn_dK1E45KA8F0_9R4LbO0p7H7mV_-OnW1W4cqy6r-L3GZc25MA0kHv5ylB_MiMYdQwrk0RkJcKA-rkxJgE-YDB7lCjAw6vgqZdpTcAQYYdYgJ1P-Y7Imfj-T78Y_iaDJWDntegO279BkkpVigwxirfyqJyw-j3Fst8Em1mpheW2Jd5a-OE3ysVDqrZX0yQM-a_44kcFvKdZdCWCOT8ICbJei_WmqtSLyhiEzff2AJGzFr059j3fgUGo8WcRnKFROVv8KCOOMW5YeKtEQca-5weoaF3F12wqv_yRem6c5MEGn5DHa-gaPtG74wCbPBT85bobG_cNdao7ntj9hDfSabAeiCvzDlRd0jItNtE_N-17fBuoN3_LZIj64nUOlkraIyyoqnGyjfBr5s5fvxbe_2zmilEVnuQtlhtmlAHMLiPMxT4mPYnCom5jcmmUjLuifHRDLFuBwxniQd4FpFZ7Stf7Cx0GiKvReO6SMJO02DMJizTXMJuAOH_Ib08GLnBk98rH1dJmPLrEPxxB_8JfD3MiaF4_SVJyLAs3AnyME4GqnwcrJFNmbouPKGZioybJ0cxuQZLyO69XMsyVlurQH1P7TNP1FnHvBqlTaNWoNGHE1QernsXk_4MnrjcPffGYunwOIV7TZ38Wu_i4RTseXbRYIYFon4B-Kcva9fc0w97b1qCo-I5mF0yA9W6QsFGwdLFaEC5w6DVlf8irhke9jt23tC13XlDUWtLjfnw_QbNw-gtwR2pEHaBpqT2bXuKHLN8P9dxKuWR1-GZyMPY5bNrN94KpqbsM5p17Z026D26V8UW44VCSZpIdyFoEmYY-_b8tXO8wTVmv7hzQi7ytpKEBshi-M8cPuoBsv1Bro4NUAMwy9hlVFgLxhQyMQZM9Aot5WrJzJaFVKPksz40hOSuVQi_jEscQTj2NjzsE11_hmueLdvbUEAtIUzlk41qhWIX3n6R9dXYZJ2WSlbO9slk_Ex-PImqfEp9TX6m4n6XA_vRrbw4J47GO0y7g&cid=CAQSOwAvHhf_tsGowi094LU-7PJRv-9IHrtq0Q78EFwQN1ZVc6PltwFmdzmnIT-bG1YnzlaKCZucu2NAuo5NGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Frevistagalileu.globo.com%2F&ds=l&xdt=1&iif=1&cor=880530951580817200&adk=4188270524&idt=175&cac=0&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12686c7a9b51939d15ea095df5230cb48b99036a3462a6656c68daf2622968f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12381
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 144ms
136ms Script
application/x-javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=13fe6cb742e6c86e1b02a9966b10&acc=13574&url=https%3A//revistagalileu.globo.com/&tit=Galileu
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 847c68feeadd30d6-FRA
content-length: 6
content-type: application/x-javascript

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ 0
338 B 117ms
29ms Script
text/plain 52.209.60.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=13fe6cb742e6c86e1b02a9966b10
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.60.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-60-100.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n018-dub-prod.krxd.net
date: Fri, 19 Jan 2024 04:42:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1705639336
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 22ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Fri, 19 Jan 2024 04:42:16 GMT
x-amz-request-id: 9T8G4R1J257WC6ZV
age: 1835
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by: cache-fra-eddf8230069-FRA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1705639337.664981,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 2
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 3765

POST
H2 204 metrics
am-trc-events.taboola.com/editoraglobo-galileu/log/3/ 0
252 B 16ms
14ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/editoraglobo-galileu/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://revistagalileu.globo.com
pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 abtests
am-trc-events.taboola.com/editoraglobo-galileu/log/3/ 0
252 B 16ms
14ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/editoraglobo-galileu/log/3/abtests?route=AM%3AAM%3AV&lti=trecs&tvi48=14791&tvi50=-50&ri=ecc4182b512c63937f75eb3cdcfa143a&sd=v2_4bb29d8817bf5cbcd543ee3d70ecb9fc_ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328_1705639336_1705639336_CIi3jgYQpP9JGMa0m4DSMSABKAEwODib4wlAgooQSMzK2QNQ____________AVgAYABom8ObpKOcg8HSAXAA&ui=ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328&pi=%2F&wi=8255381411081868912&pt=home&vi=1705639336518&tim=05%3A42%3A16.651&id=25976&llvl=2&cv=20240118-41-RELEASE&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22brsd%22%2C%22type%22%3A%7B%22esv%22%3A%22ES2021%22%2C%22c%22%3Atrue%2C%22ss%22%3Atrue%2C%22ls%22%3Atrue%7D%2C%22eventTime%22%3A1705639336651%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://revistagalileu.globo.com
pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 container.html Show response
447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5653 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:13 GMT
expires: Sat, 18 Jan 2025 04:42:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 card-interference-detector.20240118-41-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20240118-41-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f73b7bd2f95f7f086c8fd4b30dd9319cae31317d20ac4a8a72ebc36f8735337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: VpCVRiYpaqbUsByT8PkDnzceadUsg0qM
content-encoding: gzip
via: 1.1 varnish
date: Fri, 19 Jan 2024 04:42:16 GMT
x-amz-request-id: PCM5XX9CP3093BKN
age: 30221
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2181
x-amz-id-2: fN6CBVGQ1VLWypE7aB7R6lufafqesLPNkac62tNGd3RvW/z9004JRBSsqRqGII9Op7awTXE5JOY=
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Thu, 18 Jan 2024 20:18:36 GMT
server: AmazonS3
x-timer: S1705639337.685703,VS0,VE0
etag: "df8ca5fc3b909694a8641899f0c7eb74"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 44
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7721

GET
H2 200 8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 451 B
566 B 8ms
7ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding: gzip
via: 1.1 varnish
date: Fri, 19 Jan 2024 04:42:16 GMT
x-amz-request-id: P1ZMBB0T9Y9YWV7J
age: 19586
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 222
x-amz-id-2: uPAIFagt0s+APQt0blFznIDw9jNKchjHshOYqNEiAqN1dxhSV+WYV5CdkFTYPuPKAc5H1oQkNFc=
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Tue, 07 Jul 2020 17:40:49 GMT
server: AmazonS3
x-timer: S1705639337.696206,VS0,VE0
etag: "1802e318f880ad7e5c7030e9da649cf6"
vary: Accept-Encoding
content-type: text/css
abp: 53
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 56

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 14:18:08 GMT
x-content-type-options: nosniff
age: 138248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 14:18:08 GMT

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.7.5/ 120 KB
34 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240118-41-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60f52d034d5da2c2451a148186beb02c2f464cfd53c5e8bf09c804d3ff1c6ce2

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
via: 1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P5
age: 1622423
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 33988
x-served-by: cache-fra-eddf8230069-FRA
last-modified: Sun, 31 Dec 2023 10:01:09 GMT
server: AmazonS3
x-timer: S1705639337.903631,VS0,VE0
etag: "29fffae19b471dcd8c1242f0f49f3381"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 41lGyppiUOUk40b-8KcrnatpiceCPnnHbJ07k0o9CCYeEp6X7o-YfA==
x-cache-hits: 69968

GET
H2 200 userx.20240118-41-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
6 KB 8ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20240118-41-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3328466a419a882471ab33ac36e8340f1ec0cb1da5589a4cd9667d738799c3c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: b_DpxyvCQmUbMVbb08jixtgxC.VmmdC8
content-encoding: gzip
via: 1.1 varnish
date: Fri, 19 Jan 2024 04:42:16 GMT
x-amz-request-id: V335SKYMXKK5JBR8
age: 30256
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5540
x-amz-id-2: MmIDQfYAgkclWDj/KmBe1gjvV5t9XiaYpvGsIkPAl4YuT0gcVnS/sJhS42JT8jbR8ktRI5WgKz4=
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Thu, 18 Jan 2024 20:17:37 GMT
server: AmazonS3
x-timer: S1705639337.710903,VS0,VE0
etag: "da5621964acc3405908bd904ad8b966f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 46
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 6615

GET
H2 200 distance-from-article.20240118-41-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 9ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20240118-41-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b59d95c1e06a1f6e95dc2866e03eb15bc1b7aba96f38dbd418eea32922d941b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: tA4s3WTaEMTG6f2NfakaQKtC3P3A53EC
content-encoding: gzip
via: 1.1 varnish
date: Fri, 19 Jan 2024 04:42:16 GMT
x-amz-request-id: J86HMKQG3Y24W1R9
age: 30227
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: VeFKXHrE2P1VICuvguuufTiNlancBKOM7yW1Q8C1ItyhTb2INb6zA9/kDz8AG5YS+0S5LaospaE=
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Thu, 18 Jan 2024 20:18:30 GMT
server: AmazonS3
x-timer: S1705639337.711352,VS0,VE0
etag: "0f17bf8624b50fa8a693124fa26b6c82"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 78
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 32238

GET
H2 200 article-detection.20240118-41-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 9ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20240118-41-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c86a31c37afcc73acab5acf33237be17ed5b6ccf524fb37cddfd91a75a523d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: Q7dh08rVTzpjQ7eL0y9HG3PzL6z8J8UX
content-encoding: gzip
via: 1.1 varnish
date: Fri, 19 Jan 2024 04:42:16 GMT
x-amz-request-id: BST7JB773HWGKR7B
age: 30215
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1292
x-amz-id-2: edn5vaOx9E4Efr1BmYiVPEQJzr/ISfl4ejbrAA0pZiYYOXlmIhZuflyv3ZOo7JM9YOnP1794xSg=
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Thu, 18 Jan 2024 20:18:41 GMT
server: AmazonS3
x-timer: S1705639337.711465,VS0,VE0
etag: "21009a8c6710a476fe270d3dda0e7104"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 72
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 32220

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A603 466 B
235 B 53ms
51ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMigmAEQqo3fARjsq7yCAjAB&v=APEucNWC4kVqtnaG9qkk2M327sdihLKEVaY9rJAUWgt0Dqq_xfOI3_sOIohusUNBxBw3gTS_HJ3gkWsNk8FdxQvg1HFmPlPkSuDZLcVKrFX0osHTzqftEEPCEVF7kIn0WczFPnNrahvmOjJMA1KSDAtS4TlWDPWNDBPabCUNBhiK2Q2ZTQHHMlE

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5653 89 KB
31 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 04:42:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5653 42 B
63 B 45ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ALreI1RWKBO1xonpcEP08ICt-dPWKtJ2uZgoHsOhgEkopuzHUfJFA0tSZD84GzawMxitwuni214V2ToISqZCullVLBI65Tv5HMy9MoyZnM91jE3nA

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1806749/77544531/xbbe/creative/ Frame 5653 278 KB
83 KB 37ms
34ms Script
application/javascript 34.251.209.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1806749/77544531/xbbe/creative/adj?p=APEucNVQBM3flZcx85qGvX5SklzynvfAD1oUAuVOEYjtags22mxCcKg&d=CpkBAKAmf-Bh-FV0UE1wORnbo8TSEUDeCIXXZGi7znNT6zUdoIgoNrMkV5Cuv4-rkvPZ3tST8_bCcsK8LXV5ytdBv7ecYjnx0XFFGEXQ_fkxTBDXM3C_S9ODQ3K5C3El-BO7CJxD8H3taPGIX90AsVlaWeuc-CW0YBASw0Kt1nuKbfmn_otaYQ_HJNR9NfGPijyPxBeqrwCOb8-zEvkWAKAmf-DxIl3TfEnNyc9R8MStfWgzCG5sF03j95LEyQoXXTD6Q0gGxC8_wRYQy8n65aCq0EBLXGjGMATx92j2BxWahT7uRTyv0u360zDh_tjEsp8lFg9-GEzMbeNdWU7uyZgYaxPCBC7YOnitad4A2p-PW2XOt4370IA5xJ2ygqfiooUWGy3cxztFISsBw4UpJxhHbw_fiK5dBzM0PqSKntvuBbr8_x9qBRaF_SFV65nKsu-BSMxJbIkDnRMjPWvcl6g2ZUjqxFBRlA3SFGHAS4TyIRWfxhDV3BJggYMHMSSKqd0HYx6JIW04Y1zlTTz53K8WG7Yz_Ivr_GdR2p2lio49tYjB9Xd_fUF2Vkia-9scGNzgdznLFZ3qEUbQFARKKsHtY5k6a_mxqnA7HPLbSyWQ0G8kahWtKRgn6T28TQPtsl5qZAPpWZkKKfMQAXjACAHO4oeuFD_XkpC92O5fEnktCCRcQcBtbjUDT2YS24UnJbcSjNW3nYqRUdR7RqRjGw4hrAyd1dGS3qkow0wajuTtnzOh4FOFAVA_vmepbT01GdnF0k9pGCad5xbqi5Gk6CbVyFJfufd0JAKcb6LTBe2YjyPkK0H4qOcBffYeCq74M76PikUJYNpW43WpNkOziQM0K8tFs4E0CPmxx6JkzBV2xZJAGaDd44eBwngz4drUSEHIoEIKHKxa7qZHlqJylynE5yOEeUTvmZocP-FzPxof588VUahJJGESSBueCT2aQCYzV4l9gt69liHFpwjaNxt5AmB_Iwol1PG0VU3nm5l4qRG8qXDfkY8OLY1nFr_oXZuSbxv-03fKz40BBaTrxl3FO7zuwiscWVVbpSHSpONSFC6XR0QAXXYA4rKN73aRXOCphI8QiDWHb4jykWqP7OVHhXkQMxq1fBIgwoGe-P32e2W1l48zJnyicbDaP97lWu7wnPsCEIWef9jLdxcEJNayLDqLbd_95VY7GqWD90-YrvW_7yjbYRVK3kpfZv4NPXlST9YRZhWrHsgRhXZ2hKHby3vPF8PNhScVaEKflPYZ-qJcD2HFKoRllqsXuhsqwe44COJwGYtUU7hTC9a_Z8Tv58yPzfTjI9PgUWtmLGNjDlXoDVYZZsOaZrLfOEgN9gmgwMT7-fJjPIK1RHwCaO0g1IsA4Oq-gMGE5M-r5BskZLL3-P-GQxG072rdjqhWOp-20m1Ur8OdLzJXze5OM8oZ3jd2r1GYOLPCLrmgY1p1mwC3NDDvYuSLhhPjC6DRzLWUTzQhXo1iqqrcORPAa385A4kJNAPGgHpaS5lcTDBjbdpeLLTLaXminYYgziT9QRAOBoosbTa7W4_j7JuP3nmy20QhrQOvm6Xp_nO0rZwXJUGFn4ppjlsL_TmocmP_4gNFrDmPvyZUKS2bbXagNQjRo8ncrz-A7j0byBSgGR2JbcTXVBJDaNzspHcOsJB-c64_T7A3bjEQ6IxwLYzb7a1bYY6lOPop8Mdk09LM5MXeAdJFOM2vR1U19cYZ8g0JyvNK5DHxwYpfg1H_crHDHRfoR0h8a69uDe9ulH9NlwJsZEUL2m_j61-jdE9nHKyiGMdVKnlTYFIlVNjGWFHiMLhL-wD8C6-kYUVbZwPjuCcH00SXYw5qcb9pgr3INMzrLQRzI6l43rdkReS1VsDFUgSQ5RlQtUcjVIvK_RE6ofsWzUt5DlsB_AEXTXgE8u4Ysf7sHD4N228FmX7Bl9brR-pZ1RWt8YVEMzY_P-AsfogHJAgbDrPPz-MLsONgspUHKlYTbA3ll4VAvATaKR6UDa_Axm4wuCFTlZKRb9XmT3s0jF-Ci6buBxl-yQWvien0TyURVgktToqNNFdSD-1MpHRTm25M2I-6v64zDrbsw4_hTkB177xZy9r-l1NTbXxWsg9e3_luKnpRXRoJD7vuCCbx777Dq1iQNRC7r-fBZo2t1sLZZNpuSapEllfJzAEqoZGJcidtjEGUOPuU5ZxRpFpr4lYufB99VDseuFJHVKqbzpNkk8KX1vY5XjIVoTo74WdYhnpKY5keusIKYwYMZgMx54_UlrcAc_IARwq3Gdpa_dOl2AE1ZtxGfYPsXgIgNVabT3AL3wNLgB7SNdZ6A98BdV6HMdZ9_-5zZ5mmMACJf0qE1yZ7fCWQH1kwKeoxJEDHOGOU7XDc6SfFkDSYiHubLBjfkpFjbS0q9paZKp-pf-bcAlFAbryGIfAoy3vzMD90WjWWVNH5S2bQh_Wehq995OIlcQHTou28K-y4g7Gs8Dl5ELcGfzbrZiyCjhjkWfjQ4Yp0fKXOJdUydHN_ErTf_6RCutlvPYwEaINp03d7WfhSPcXER8DUzkPR4_eMgAHufT_25b7GOaMYwl2f-uWgpAQwwBPJ2aIZacaK0wJ8wBYpnU6WuXb68trHG2U20Tr_bI4awCTU7cSQlDoBpSLl2WaOPjBcgBFmjs4En2sE9oZHJJCa8yQ-7_EFNg6sjDU1BcXAEHw6F3COOnDkW3KAx1Q-Gq6_dlUidHBuRusRB6SmVX6YJyAX6Fe4Vw3Ghjnxvaakt19SF2d_TJjmG_r-rOPJdGgQD4JfKYJhdrHPE9NZes59FsnB6MzdEVwLtD67mrhEMpadSEk4M5jTqIOKr_DZOpYHS8iNmV4S_jd_l4GdXLqHn5PhsWD3R88OVcs_VMS7tDEbDip18A8dqQ1Qxi1dbgkz9QE5vzat2hp2qu5HvApvuGS0kanFq6LjAdnBweQ3lvrdaCDvVTH39yT9kIbQVKVhsc4AQHVq14CpQsDIx5CvVJtDBgHYWCnfzKYykqW-1kO7mbvxE94XAj9emYJ4yEShQ7tw3gyNxse3-ifcPOmP0u27WvtwYrJKC0UQFeyvFXLk369gcmnFxzcGCU9S7VEF_R2UnV0Reb3LYcF3wYfrXvVz19Sci8pLD8ptfJZr1ytjIHWn7ybSXvAq9d0dUP8kPIF5UoAWyvrbReWAzDnFSoo0azWdbKtfDJcxyU-IkRDC_mkrjI4STF3GuT3YNjtxCSCcxeHKqim7jVYNkxcNarOCl8qkJbQR-ZGM2nmkv9Xubv4FZOPWq48MTQDsdFayp3Cm9pPw1l4f7O9tImqFCGu5FgANNh4L236k3lzepvbPmmAXGQtsH_F61dNdMPngzSJHe0aMckl2VFfbt3iyS40FMQPt__MZbqQtjrCnDwRW99nLCKh5QyJhbI4lQlrPaFvwAexQ8Jabj4WiuhKmw61nXS63rr3bHIws3Nhy7ukKv9XU-3KndV1Wj_zgB30AAVbT8a2N8r8-QDUaHMZI4G3Upiz0qbmvm8BMrPJPZN8Spi_6xfd2l-ACO9tNn5NNwjrH7DVBwJnVQpOZF9PRpEY7znYMnl9iKvVrIoo9CknzVo7E9CyRM2TrHv-rDDaTYBiq_yvb2_IW_W_gTw6excEG8CWlMz7W4KFFOxYpjolmE90EwlB00EOBatIdBd1Md4c-ItULxL_rDdROWflVX2uY3YaQud7ZSmGXUjbeJyWpSDwCWZhJleoFXVxUfGu0YKUwp1eSJRNZFhLx1UYM_GLatIN15WSvMvXmhKRYPmy7H2CGAJD-tkE_DRkDuj4c8pUufXxvlRyzxrYXuZCwMDNdHABe6g15uTJZhxuI2wmGn-9nPWATB5hXaYu13nTC_rIxegcdbft5ouFxN_hybbsMYIZznBubj4BLbHLVPFMAVEnYC_GekoSQcgTjtem289ksgVh5ufYAwyKVm5LUEqUJo5_6iELXfcPTZaw1fILMcgDOn81N731dXazylsUg0emOl4zQDEP6mxZAzv6wBVTUuZh-yBiwfz__blVDxn1QPLYjv--Mc-k8wLqgHYcFzsIZO2thAZ785pi055LdIbILXfm4bZDgu1PdsVJp6BNvKpk0SULBFY11X6IV8bbOGkEIBBI7AC8eF_-El-w2lFwdExplGWWneS0uOwf-jri7EscdY3u41PpYUGbb-o6Qav84oVuQanqXuKJ-ynj0mYQYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1015139120&ias_pubId=pub-8828587149473437&ias_chanId=1&ias_placementId=20855602476&bidurl=https://revistagalileu.globo.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0ic6NfWVbFaa9IAQQA2zvjX
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.209.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-209-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e592f206e11271c92f3910969d4bb601d099ac579362bc4de65215286defea4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 5653 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 5653 20 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5653 0
0 56ms
20ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvabBCNljjfbaM2kTpVbktgQWAkLN_1kVZlychzopkMyw1AtXJ7T6ad8RxlVHKC24cVE7bdJLitQISEqBpP3OUSll81Q
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5653 206 KB
65 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 04:42:16 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame CEA9 41 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1LZeo9WoG9lWqr4jI68B4WAV0UhkXysio62c3ux86vomILITC2PFFAC8yJ91aEQWQVZv0tN910gpZaLR_k4_UU1MK7ofgx__vk6mu5W3PY5GPlQhQeFQqE1GdPvLkOt9-JywDbQ_L0vF1P_RqfxDCMaMc6g2LLIXSnIg9_6bedO0e-xo&cry=1&dbm_d=AKAmf-C5xeo1tE10cCDY9Bd0A0SK5GnF7BFOwLhpOt3Wh54RKKHY06FF4IyAKlVsh-gLVXkPUIqefAn5XohZxqhwKGWzJtFixPGAVPKW4CMTk8XUfsQjhAFeVFMPYX8utfCbpeqCqvYrV3H6U55LXJnziZ9Tebi2ylRGlVAw1hN0lHlSnE3cWB6kF1FRq7u8SF0fAveyQQ60CDsstsGIUUevoDNtOfEAh0ZQSQRD8M5iOI4jpnYetGan-ksi-gSUap0fdUWszxAf7WzwLb9e-6HSzQRGItC-KDqx1z6eJcWS-fjbKUlSKD_gI_LEwKjojkYFuqTW2PZyz0tDt6T3-d7haime8u9DQ8Dc-qWAD9cSpIcDjPKlD5b_mFb0uz3EHtvAeKmZO7mg39UHqN7kjYFDtbW-feimmG-vJE56MAzf2sEg7wuDQRjbKDi5pjQMK1sbOmBPWZG6jEEWitZLkj9WJbTCD3wGmSy1P2-0UxR7Sc-VfyRx9Iu0eYzAyfpI6Lkjs9_KW7kosOO9uN4g2ZPZnsMaQ2mt-lSn_rLB8afErEyGVVmC7PVmazsJd-cCEYo8u6mRIR9KkdiJde5sOlyURkHJwxQMusJnCM1lnRgQYMdNwgW4XoKPuKhQCrcsaHcWKtidfI5-YPMQICUdf4ocGfueBw-V9Rw2jOw5HXVoLftmUQXonBBZvlOpPR80bj3_ZNrP1qGjsiTuI4Bp08zOc9R7koHj7VwrGP2Obb8HwQvFSYjmx6t9IjUSp2hoPpUHkN0ASWR_avfz329nfsqy7d3acM4_MLQco0PV7XjUYf67jxucBtysP6xSP9Ba9BhNcHN0zVj6xA3o3ixPj_7G-9so5GX1pp_HQiewVtwpPqgpc2xvQ1W8BLhVKyrpoQMeWxc8hLpiA7Vg-BNFCzOkiyb5ez_bWiXt8RzZEa6hGz7W-ZcAzuE0c5ffaxyo9hw1OAzwtPjEm4resQ3234kTVcxHNuAXo82NR6Z0uWXSqirjBSp_rcNvaKXVq4m9ScD8qB5PEn0kqAvNjqO93NOr9GW1UYPeajaZ3XqIuz7xgMOfgqZ7A-l3w90lCPcV6Fsrw0S5ql6Q0wRuAgr5_Rig-vT7t4kbg3LVtPc7x6SGhjyRPVtmkQV45dT32trw-2E5QSeJai4d-JP1HlifVcb2W2EE96D8x29BkvvIvrh-Mq8gD3TSg51SfdklXz7K3s2ta8kBWIiuM_iXM1vADADFV8tijZecU43G63n7kEizgWNFvO6O6akPwnS7w9BH_Xtt0EZ-i-pIZdpxbyFY5PL1n5r628sxZnTeYeVsZxMUHBPrTt-aOihCLrw6iQ7bKilwI1O3RhV5-NmZ7Kl2Dq95WhH0yOMiGIwV1LwUDkagLqVxwzbyGlx1QIM0xtATEJ3MARZEuLuflmSXXtmkYrHesQ1M1ahQprNG3yFjff5S2Cq0MWMkp4smZNDn9Hx1N1IKPugXUmcstUHIBq6MSFgbYLpZ5R7EsjOm4ciinhYHqInw9qzmx6pWrtTEuTz4IYDPIArP1KXd7tcC0QfXuImp_To44QE78ZPGBYzp0WtSXGOsXTTl8Cfn_MIIPSfqX42srXCe8PeU0OOX896Fr2Id-BvYplFkiPmuj0NfNVsnXsLC2fCnR_NmvwAl_eZ56cQAzKxRBYWwGX_fB_8NJeXGIK20vF0UoyoX0Bhj6-o949htjxqbQXegz8PajbT4XhVPKSW0L0NZsjxRsH_rqwKyCyLJYFalLkCCHrn1otw1llu3cbz9yOM8snoqbbjethfBSkFa0L9MLIlLT3untOnaw1qTlxUm_hmhuJgsxGWyY4hVqsmVcxGYbgt4qVWOG8oV29WIU0Fi0-BhUiT9Z7VvlCNB0wrLFazuEjJLl1W4q-UqtRWElkuexfGTVNFeEJUwajfnS-pyxsfOYIndabNLiCur3W2K7fbOnWe3iKiwmWQ8swNAsQFyFlkWUoywqsU_stBpqV-Vdi8z1pDmgpsckuDkLiij1eC73KlodhcNnATmybYyWGck4srdWrtMmfvJUg79izgfKhMGKjbqVCRR0GMA1fnwFtoauTRwfsGaCDbisAKnVrN7IG03t8_Nf4bfMqC-HoaADbBLN44qtzmBGHn_-TDco5I4Mgq7VLeTN2T2KfgT9lxoyWfUiOfixtB90NHLK7EedfptHskDBwP_cDT99g0v-ZL-hfaV2cVFxJlNoOQ9JEBivTNfLfpCIXceC4H7WPaNmu7oqgYCD0fS5YDhIjXqEPyr7mLsGuUN5qWXgndk7zyooFMfAUE4l4txc_dWUDLIy49WKdTdeuH3Dg3TdlkGA3Oh-nyn_dK1E45KA8F0_9R4LbO0p7H7mV_-OnW1W4cqy6r-L3GZc25MA0kHv5ylB_MiMYdQwrk0RkJcKA-rkxJgE-YDB7lCjAw6vgqZdpTcAQYYdYgJ1P-Y7Imfj-T78Y_iaDJWDntegO279BkkpVigwxirfyqJyw-j3Fst8Em1mpheW2Jd5a-OE3ysVDqrZX0yQM-a_44kcFvKdZdCWCOT8ICbJei_WmqtSLyhiEzff2AJGzFr059j3fgUGo8WcRnKFROVv8KCOOMW5YeKtEQca-5weoaF3F12wqv_yRem6c5MEGn5DHa-gaPtG74wCbPBT85bobG_cNdao7ntj9hDfSabAeiCvzDlRd0jItNtE_N-17fBuoN3_LZIj64nUOlkraIyyoqnGyjfBr5s5fvxbe_2zmilEVnuQtlhtmlAHMLiPMxT4mPYnCom5jcmmUjLuifHRDLFuBwxniQd4FpFZ7Stf7Cx0GiKvReO6SMJO02DMJizTXMJuAOH_Ib08GLnBk98rH1dJmPLrEPxxB_8JfD3MiaF4_SVJyLAs3AnyME4GqnwcrJFNmbouPKGZioybJ0cxuQZLyO69XMsyVlurQH1P7TNP1FnHvBqlTaNWoNGHE1QernsXk_4MnrjcPffGYunwOIV7TZ38Wu_i4RTseXbRYIYFon4B-Kcva9fc0w97b1qCo-I5mF0yA9W6QsFGwdLFaEC5w6DVlf8irhke9jt23tC13XlDUWtLjfnw_QbNw-gtwR2pEHaBpqT2bXuKHLN8P9dxKuWR1-GZyMPY5bNrN94KpqbsM5p17Z026D26V8UW44VCSZpIdyFoEmYY-_b8tXO8wTVmv7hzQi7ytpKEBshi-M8cPuoBsv1Bro4NUAMwy9hlVFgLxhQyMQZM9Aot5WrJzJaFVKPksz40hOSuVQi_jEscQTj2NjzsE11_hmueLdvbUEAtIUzlk41qhWIX3n6R9dXYZJ2WSlbO9slk_Ex-PImqfEp9TX6m4n6XA_vRrbw4J47GO0y7g&cid=CAQSOwAvHhf_tsGowi094LU-7PJRv-9IHrtq0Q78EFwQN1ZVc6PltwFmdzmnIT-bG1YnzlaKCZucu2NAuo5NGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Frevistagalileu.globo.com%2F&ds=l&xdt=1&iif=1&cor=880530951580817200&adk=4188270524&idt=175&cac=0&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/42a553e1/www-widgetapi.vflset/ 216 KB
67 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/42a553e1/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8791270626b8a4fed6d34bc6cc2b10b5a682ce66d8b5016ed60fe711b5d2d016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68593
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 05:15:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Jan 2025 13:31:31 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
105 B 7ms
6ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230069-FRA
date: Fri, 19 Jan 2024 04:42:16 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2

200

passback_970x250.js Show response
static.adsafeprotected.com/ Frame CEA9
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1806749/77544531/xbbe/creative/adj?p=APEucNVQBM3flZcx85qGvX5SklzynvfAD1oUAuVOEYjtags22mxCcKg&d=CpkBAKAmf-C7LS0bG2z4AdvDnJO1-LMZR3efykncthM7z-eugcYcuTDn7Np6-7G...
https://static.adsafeprotected.com/passback_970x250.js

3 KB
2 KB

7ms
7ms

Script
application/javascript

2600:9000:223f:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_970x250.js
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: .AUJIbFgg5lm.Sl5dxN6YT6RZNYioRMX
content-encoding: gzip
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 06:23:27 GMT
x-amz-cf-pop: FRA56-P5
age: 80330
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:56 GMT
server: AmazonS3
etag: W/"094948b2d1170876fb8e76e432d87da6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: GcUNa30H4gp0pwlcLRoO8vYTN1N361-g_bMFOxEJO-Ib6DPUdxXNdQ==

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_970x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame E49D 91 KB
23 KB 43ms
8ms Script
application/javascript 2600:9000:223f:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10384386
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: gavpeJgvPBTHRSbErU18FS9PU0bUCONleAJgnAoF7J_tT3NIEhIZzg==

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-galileu/log/2/ 0
90 B 87ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-galileu/log/2/debug?tim=05%3A42%3A16.721&type=usage&msg=New_CTA-event-1705639336721&llvl=2&id=4085&cv=20240118-41-RELEASE&lt=trecs&uuid=f532ce83a59573a35aea9cd750f650b59f54af2a198dbb675bbe6832320b5fe4&dcc=1&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~3792510702275686001~~UTfwtcKGCJm0n%22%7D
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13370

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-galileu/log/2/ 0
89 B 74ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-galileu/log/2/debug?tim=05%3A42%3A16.722&type=usage&msg=New_CTA-event-1705639336722&llvl=2&id=9075&cv=20240118-41-RELEASE&lt=trecs&uuid=f532ce83a59573a35aea9cd750f650b59f54af2a198dbb675bbe6832320b5fe4&dcc=2&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~3792510702275686001~~UTfwtcKGCJm0n%22%7D
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13370

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-galileu/log/2/ 0
89 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-galileu/log/2/debug?tim=05%3A42%3A16.723&type=usage&msg=New_CTA-event-1705639336723&llvl=2&id=8936&cv=20240118-41-RELEASE&lt=trecs&uuid=f532ce83a59573a35aea9cd750f650b59f54af2a198dbb675bbe6832320b5fe4&dcc=3&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-8192265118090002081~~IYW-iwfECKCd%22%7D
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13602

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-galileu/log/2/ 0
89 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-galileu/log/2/debug?tim=05%3A42%3A16.723&type=usage&msg=New_CTA-event-1705639336723&llvl=2&id=4053&cv=20240118-41-RELEASE&lt=trecs&uuid=f532ce83a59573a35aea9cd750f650b59f54af2a198dbb675bbe6832320b5fe4&dcc=4&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-8192265118090002081~~IYW-iwfECKCd%22%7D
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13602

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
80 B 182ms
182ms Script
application/x-javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=13fe6cab2621e59f0b53b8993410&acc=46169&tit=Galileu
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm46169.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 847c69004b6130d6-FRA
content-length: 6
content-type: application/x-javascript

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CEA9 43 B
215 B 530ms
173ms Image
image/gif 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1806749&asId=2bd2dd32-5b07-bf0d-9d46-7e5f30f324eb&tv=%7Bc:1IDD7W,pingTime:-3,time:65,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:65,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1MsPN5+11%7C121%7C122%7C123%7C13%7C141%7C142%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c1%7C1d%7C1e*.1806749-77544531%7C1e1%7C1f1,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us,siq:17%7D&br=c
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CEA9 43 B
216 B 526ms
171ms Image
image/gif 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1806749&asId=2bd2dd32-5b07-bf0d-9d46-7e5f30f324eb&tv=%7Bc:1IDD7Y,pingTime:-6,time:67,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:67,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1MsPN5+11%7C121%7C122%7C123%7C13%7C141%7C142%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c1%7C1d%7C1e*.1806749-77544531%7C1e1%7C1f1,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us,siq:17%7D&tpiLookup=ao:revistagalileu.globo.com*&br=c
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET

partner
sync.search.spotxchange.com/ Frame A603
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENPgdrnS0YLXQb0klqKul1M&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame A603 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame A603 0
125 B 29ms
11ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMigmAEQqo3fARjsq7yCAjAB&v=APEucNWC4kVqtnaG9qkk2M327sdihLKEVaY9rJAUWgt0Dqq_xfOI3_sOIohusUNBxBw3gTS_HJ3gkWsNk8FdxQvg1HFmPlPkSuDZLcVKrFX0osHTzqftEEPCEVF7kIn0WczFPnNrahvmOjJMA1KSDAtS4TlWDPWNDBPabCUNBhiK2Q2ZTQHHMlE

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 supply-feature
am-trc-events.taboola.com/editoraglobo-galileu/log/3/ 0
230 B 16ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-galileu/log/3/supply-feature?route=AM:AM:V&tvi48=14791&tvi50=-50&lti=trecs&ri=ecc4182b512c63937f75eb3cdcfa143a&sd=v2_4bb29d8817bf5cbcd543ee3d70ecb9fc_ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328_1705639336_1705639336_CIi3jgYQpP9JGMa0m4DSMSABKAEwODib4wlAgooQSMzK2QNQ____________AVgAYABom8ObpKOcg8HSAXAA&ui=ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328&pi=/&wi=8255381411081868912&pt=home&vi=1705639336518&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A943.578125%2C%5C%22articleClasses%5C%22%3A%5C%22highlight__content%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22DIV%5C%22%2C%5C%22threshold%5C%22%3A%5C%22700%5C%22%7D%22%7D&tim=05%3A42%3A16.827&id=2501&llvl=2&cv=20240118-41-RELEASE&
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/editoraglobo-galileu/log/3/ 0
230 B 16ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-galileu/log/3/supply-feature?route=AM:AM:V&tvi48=14791&tvi50=-50&lti=trecs&ri=ecc4182b512c63937f75eb3cdcfa143a&sd=v2_4bb29d8817bf5cbcd543ee3d70ecb9fc_ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328_1705639336_1705639336_CIi3jgYQpP9JGMa0m4DSMSABKAEwODib4wlAgooQSMzK2QNQ____________AVgAYABom8ObpKOcg8HSAXAA&ui=ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328&pi=/&wi=8255381411081868912&pt=home&vi=1705639336518&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22943.578125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A42%3A16.828&id=6680&llvl=2&cv=20240118-41-RELEASE&
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 309ms
86ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 04:42:17 GMT
cache-control: no-store
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CEA9 43 B
215 B 684ms
342ms Image
image/gif 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1806749&asId=2bd2dd32-5b07-bf0d-9d46-7e5f30f324eb&tv=%7Bc:1IDD8b,pingTime:-2,time:80,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:360,beZ:361,mfA:363,cmA:364,inA:364,inZ:367,prA:367,prZ:373,si:377,poA:378,poZ:396,cmZ:396,mfZ:396,loA:427,loZ:429,ltA:440,ltZ:440%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:80,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1MsPN5+11%7C121%7C122%7C123%7C13%7C141%7C142%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c1%7C1d%7C1e*.1806749-77544531%7C1e1%7C1f1,idMap:1e*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:17,sinceFw:62,readyFired:false%7D&br=c
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 pxid Show response
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/ 46 B
389 B 56ms
21ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/pxid?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: d5261bd8dcd2efba733b553c2094fb263f0c5f1ffd9007140cce35c694858b15

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63

GET
H2 200 getuidj Show response
ib.adnxs.com/ 29 B
881 B 7ms
6ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e0a1c83983c14963ae959a4276b9e026b79d14e7314be42dd495b1c0d179efda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
an-x-request-uuid: b6c4645e-e48e-465b-a580-267b08a69e01
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.135; 178.162.209.135; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 29
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B26C 38 KB
13 KB 13ms
13ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 200888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pmk-20220605.13.js Show response
pm-widget.taboola.com/editoraglobonetwork/ 102 KB
29 KB 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/editoraglobonetwork/pmk-20220605.13.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/editoraglobonetwork/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d324e696d8eff869aba1a11fb57ee5ff41d486c1f4c0a4c41e70c705e8194cbd

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: riBLlp2W2iGvHi8DcZSGRiSyaeJmPBap
content-encoding: gzip
via: 1.1 varnish
date: Fri, 19 Jan 2024 04:42:17 GMT
x-amz-request-id: VJXAPC6WC2V801TJ
age: 844046
x-cache: HIT
content-length: 28799
x-amz-id-2: SEjjnsGWjKPR3DJaA6AjDIZY1Ciku1VPJ8m34b4bPXg8qOQjpUBJ+QVLMWevAKHhP8OrXMNxrh4=
x-served-by: cache-fra-eddf8230069-FRA
last-modified: Thu, 28 Sep 2023 09:53:52 GMT
server: AmazonS3
x-timer: S1705639337.003354,VS0,VE0
etag: "cf865437aa13ed4e856f389bfec9ae01"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 631

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
153 B 21ms
20ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=810549604&t=event&ni=1&_s=1&dl=https%3A%2F%2Frevistagalileu.globo.com%2F&ul=en-us&de=UTF-8&dt=Galileu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobili%C3%A1rio%20N%C3%A3o%20Barreira&el=eg_gc_naobarreira_skeelo&_u=YADAAEABAAAAACAAI~&jid=1691134495&gjid=1438245891&cid=2089446785.1705639333&tid=UA-3612842-1&_gid=1033742940.1705639337&_r=1&_slc=1&gtm=45He41h0n81T6MZG9Wv893492913&cd2=home%20-%20&cd12=GalileuBS&cd22=%2F&cd49=&cd53=01&cd55=01&cd56=%20%3A%201&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=459170999

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 13ms
12ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=810549604&t=event&ni=1&_s=1&dl=https%3A%2F%2Frevistagalileu.globo.com%2F&ul=en-us&de=UTF-8&dt=Galileu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Footer&el=eg_gc_footer_skeelo&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=2089446785.1705639333&tid=UA-3612842-1&_gid=1033742940.1705639337&gtm=45He41h0n81T6MZG9Wv893492913&cd2=home%20-%20&cd12=GalileuBS&cd22=%2F&cd49=&cd53=01&cd55=01&cd56=%20%3A%201&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=108666371

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:51:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21032
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 13ms
13ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=810549604&t=event&ni=1&_s=1&dl=https%3A%2F%2Frevistagalileu.globo.com%2F&ul=en-us&de=UTF-8&dt=Galileu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Botao&el=eg_gc_botao_topo_skeelo&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=2089446785.1705639333&tid=UA-3612842-1&_gid=1033742940.1705639337&gtm=45He41h0n81T6MZG9Wv893492913&cd2=home%20-%20&cd12=GalileuBS&cd22=%2F&cd49=&cd53=01&cd55=01&cd56=%20%3A%201&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1135429373

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:51:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21032
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 341e2789-4028-4095-85e3-b4298b77f63f
https://revistagalileu.globo.com/ 936 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://revistagalileu.globo.com/341e2789-4028-4095-85e3-b4298b77f63f
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43456e168e3c4717928fad99d671fcbef0ade59c9cf4abee8b96851dabd9413c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 958334
Content-Type

GET
BLOB 200
OK 7bd3599d-d99f-4f53-ad4d-e51722af307e
https://revistagalileu.globo.com/ 936 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://revistagalileu.globo.com/7bd3599d-d99f-4f53-ad4d-e51722af307e
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43456e168e3c4717928fad99d671fcbef0ade59c9cf4abee8b96851dabd9413c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 958334
Content-Type

GET
H2 200 horizon-common-hit.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 45 KB
15 KB 226ms
225ms Script
text/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
content-encoding: gzip
x-openstack-request-id: txc015834ffe384755b7149-0065a9fd71
last-modified: Tue, 27 Jun 2023 00:08:13 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1687824492.72874
cache-control: public, max-age=180
x-trans-id: txc015834ffe384755b7149-0065a9fd71
x-request-id: 3248e69f-fa89-44de-a374-1b214269c628

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=810549604&t=pageview&_s=1&dl=https%3A%2F%2Frevistagalileu.globo.com%2F&ul=en-us&de=UTF-8&dt=Galileu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=2089446785.1705639333&tid=UA-3612842-1&_gid=1033742940.1705639337&gtm=45He41h0n81T6MZG9Wv893492913&cd2=home%20-%20P%C3%A1gina&cd12=GalileuBS&cd19=desktop&cd22=%2F&cd49=&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=455604253

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 09:42:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68409
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
788 B 22ms
20ms Ping
application/json 141.94.254.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.254.117 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy07.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H2 200 IAS_PassbackAds_970x250.png
static.adsafeprotected.com/ Frame CEA9 28 KB
29 KB 8ms
8ms Image
image/png 2600:9000:223f:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_970x250.png
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: pdWOnfKbVAXycyDHbhFI_OqkWBFerFwW
date: Tue, 16 Jan 2024 04:27:28 GMT
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 441977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 28949
last-modified: Fri, 18 Feb 2022 23:29:18 GMT
server: AmazonS3
etag: "9d3f43da9d0d0679ec0dfea58b2f1d45"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: 7ixp6Z2nRfjkaqTTKu_SA8x597ak9xRQj7E3jPZdqICJkOITENneJA==

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 267 B
369 B 55ms
20ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 5fcf7e991ef48b20b390f127445fc8d41a8ebb42c36518cf1b2ba6124365cefd

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5653 0
20 B 45ms
44ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2302723160046&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5653 0
20 B 44ms
44ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2302723160046&version=m202309260101&ct=76&x=1&cor=13393482593217210000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5653 17 KB
13 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQDz69mbaYHunY6Elq4IrebrFJ_0nPSvDZiAXTUkoNvN5bYsrRxyFcLRvY1ngPizOPCktRajrtY2-oJc2sof2mPe3bzHppkwPnsc_Wjj_N2SFETnvVXKj4yBxAnqEklPtFkBmG2ak6lDaean88aGwVD9umhefXXKFAXNMONkioCuMECD0&cry=1&dbm_d=AKAmf-BShbM-Z_AhoP9j14coTi6StLcWXB2dGm0szLm2rUH8kPlgXUM7maDrEMs5-j3VxoPa_mWRel_2gt3t4vNy6lkrzbdNDQYAVFnZaD12erRLD2LRlO6V3gdrGEpchEAkFQPytFH1B2TwcWg0xib9cf2h72Q301lzxg8jp1-IOUeaLtDzIppZGfNWETmVrwAQPahMTbUTw18hzFtcvF0ZAa9CARwrC3MHyth_n0YqFzCkvXW57wPf0kBL2_PLPb80sfs3ukACE0A4wP0ndi2sLJJNyQ4eiaLC72Z7RuZBILdZ9NgrP3RvAkgrQ_xBChwK9WqUsc3kn0zLZiiQ927p0lukpfyNs78gQK1OZlxjCPvnBeJMc-MW0rCICMKJKktJ1gzIU3mD-tsCWKMRqnl7-uVSmYyPOVwu9iqTiP0vSW32CjodRnfD1mcs8TQ6RbsU8HzhSPiuFtxrTT2Wv3ClEj83VlOMHRBNymXI9nnfW-AWQZf3kI_SHXEk4Qgza8StLbSHReH64nNdh__aC1bJNh2RAv_rhANzXFDDnz_QuEnehvmKtNfgF3UoopKl33dvkict8qMurd5S21jcuxXK7TG1uDf9nkZAERBXplz_dMrkmNj_XS6ZynN0EBLZrqYB_k9SlTDrYh0y6D-nPsnVOiLjcNO8l6gCU_0q_I68BiL5iui2box8xyPzpapJ7sJ-miwMiaR87RtD9ozUkmRa388Mcz2a85VVCdSid9W3S5-cwm-X__Pb8Cd3OIhzQFY4491sJIVsj4dkxJ_Q7WXWq24hbt03xL_NuUaC0D2cFaJjO2zjZj-gnzXoy-3eKDJKkZ1CENil9rqE4_3S_ciM5CujrdtMtIb_1TFn6NjgtdsPROKAbClb8lbZ5PNkAg1xOBW4tHEE_12O3gB1MT-XI8NOtQUsFNL0E5bQeMhwaJRh2N2tWSQzj52ulPYzgWUFTzxPXOVTK3avi83tyZUFxTPDoE6B2AzDZqVsfETM4PEjlq80vOsksHgEKFT41RuRN77nysjoObDUVAjLqbo6zIPoYMNcEnWF6dU8rkVMIC8YSw5o_1UL78GYl88tHpOluwcHCyqMlkE7--no40Xz6ItSvmBRcDhn-V8Are0FveXFmkhUOVFicT9nEubCEnUlAn7PB4yXrXNT7GWozgZ1PEpa5ese1FO_X7GoSlSTs6t997LJVFOEvktNTeVREy6bseh8ISDVkb4czHdA-jPZqxaWD4IXP-H5r1apbuuFYERXfRiRykJLJx1MAfNo7cBBJyFxKXLiq_h6Q9F9rodBucqNZ0dCSyp6WFfj-vI1hOFrdzVRerdHs_0-YXB5cnJYcRtlqoVw5uaoEsLR1a13lUFrq6L3lDeMFdyPl0ThU_HsmF7E-51g0D9r-ntvL8NPecE7RTe7wyXdPBv7h8eN4u15bLYmqAt8ZS4kP-8dEQm2utmJNBxxgl26d0qmmICGdUI24jFuOUJUnh17jJG4Vv-HSonYQhgGLgTMUVBbXElS5plGCE6taseE7BH5FHCfTvKhiZ9xPS6y2pU1NNf440mn2NXjkJbZtFSMSbFCgSVztBYJ0mw-Kkim1esJlHa_cs6rzdG2ZPLQyHWPYhysEa7u_17fPLI6TlpKo3LdyiqTrUSMgCmIHfVYQUjidcnONEU9mNdpgbF_9ubcU74c-lHvhLM93NrA9bFks2Ce4OYXZCUvv8tDIG0Ud2C_FWpM7h1rkhimRj-79g0DZJvwy-blqa1QhJJlBVpAByZ_b1E1Bqb_ff8bQENUxg3dhPxQlZxVZLhX0EpTbRqYV-iuLvmRX9AaAc1-lEKc8X8eG_8WEVCbuXizfYBlJZFC1Umz1nFjyW3TRwAz4aNHiat7PGO-g0PeCgpLf2L0kexuAkujiY1D1D3O5qLLfRchtGgA4FdcrHlV7oWVvMj8FP6R2dazVBHjSoTiRXq0Ynms0QwIn_20rz5JCRpRg3mHuCZMdkdG9LH9gfXB5zU3OiM7-86qMNfy9A3PSWoAGMd6I41zThCS80NuXC8CBuUYUq3I4KzMlDPVD9m9qKU89VwAXH2Fu_1RYD_mr-9stGpbpEsREZ-9IXBlXXFUiwb-0xR6vg_O0w7cZDdmoiUifWCxu8mqHNrXqut4oITXMdMzaCnSOW5Q-rJIh5EEF9Z2q5cENlN43JOKLQ0_dAyx8OLBHohhMXoazmhqHUdTl8HAHpYqhYTv_kJJYKHS9wgBBk-1euTUVyqRzCuS_VMAHGLdJQMrdasa9fZWnIe3d41TiUAfBGcGvn3DqlUdFNcf1ml-IZryzhuaIcMy_qUOoDq8POsPnD4_dTFoILtbnuBuQ27FdAX07lcCkHBsajLmQP9K-lMwCtLczmQvuDkDowdZuwY2r73KFYAzLfAm5IsgmmkMjorvi7M2cfZW-TE_9WS_khEWzyA9GIGOLVgiAmdjT6VDkG8s9tYtJPKYoDPWkY8ATY_K9_syiwGb5G-fMXkT9KkTGD97U8y0XgRCMA-HKvdwu4Z6jsQ9rF5PxJy4rjrWOnGp96ByGShTl6DVscw0NfAzEZEB8u5M9VwR7Eh5sRiYopY2dOTixQuHdV7Uo87RbPXIW4o9RixGXZkQYevRxwOK3gyi8IfzBgOMMIhmjTqAHLqqljXgnP__LLO15hUf4hUWum4iEs7tHYAylirN6XgNku23ZaIvv4fTQlzZdQ5uSt6ZQiKFiAGy4Sn55m8TiCx9kTg7ki2GKu7_Gpen8PnF0GJyjDz_2tYJC4SgEm3m40NG5WJnirQfplMDK5caX0Z6lKZSc5VJL2w7cpch9kEA41UEa8qbBmJ112w3m9FquPeDntXqyKGyJqEazIXi3uwJy5Z4DOWJ8rZFVbpR-OwwLnhwCkqX1iKiQGK1mpPajz4nwC2E7tak40HtfXgV1uHE0MokiRjcainaaPnxrWzP_X0ry6tY6ld2qVTMlaNcO01nXON5rINWvJ5VwF6jG2hEddFskhNnioUM1diXNclwn3Ci4M0lvBiLLij8AB5PEpR-CpU67lyS-YWqMUUe5_BjzdvmOSCVp1yP8zxNy8i9UCSXzllZRITXGa29jZOhX4EwvSJCOz9YeNDiZnWi6rtPoBSnsHryiyyMe4FMvq1xxZi9l-g3tFwQmFYJFhb7db--8Isv9dPhT_32l76uf3CkLQLn_xkqVt0eu-CKpUhe8eDKzYdOf8iYQwTzhGdmhH6mD6vh2G_SIw6fQWAF0CeZI98ltV9YFwZSpgbPlqybcUJt7c1vSXYj2UcuXuNjesGmFX2U1bu7cZ1jZhkSUYsB5an3fZx-BOY7l8J92OktBZABla0ZbtJQ58yLpRPLR-bujQ&cid=CAQSOwAvHhf_hJfsNpRcHRMaZRllp3ktLjsH_o64uxLHHWN7uNT6WFBm2_qOkGr_OKFbkGp6l7iifsp49JmEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Frevistagalileu.globo.com%2F&ds=l&xdt=1&iif=1&cor=13393482593217210000&adk=3037181501&idt=113&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f267b2d41f42be6f543c2a481df26c66a39010d6a61fb3b998fb6a70210ea31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12870
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
352 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3612842-1&cid=2089446785.1705639333&jid=1691134495&gjid=1438245891&_gid=1033742940.1705639337&_u=YADAAEAAAAAAACAAI~&z=1566138328

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 19 Jan 2024 04:42:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 934D 1 KB
643 B 14ms
14ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CEA9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b05a91871061b8b814395fcf006175ca79239d50bfaa15c2cf114f5c99838583

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin Show response
cdn.permutive.com/models/v2/ 370 KB
260 KB 87ms
43ms XHR
application/x-binary 2606:4700::6811:7711
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 350c1d2b416cbb0eda468b944a566db3b5b11cf0021727b8684382ca7d25d53a

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-goog-meta-oid: d39f98ec-9259-4f8b-896d-7ab58be1f900
age: 0
x-guploader-uploadid: ABPtcPpGvc3rq4DjOBoUE5Hu-rzA88a2C5d8aUEKyN57LjVbXpR_nt0cTEAU0oNP8lH3abzV2qX8gEeS8Q
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 265644
last-modified: Sat, 06 Jan 2024 17:10:00 GMT
server: cloudflare
etag: "f0440be0c8aea9461b122126eccd28d0"
vary: Accept-Encoding
x-goog-generation: 1704561000476121
content-type: application/x-binary
access-control-allow-origin: *
x-goog-hash: crc32c=cYtIIg==, md5=8EQL4MiuqUYbEiEm7M0o0A==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 265644
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847c69006c5a35e8-FRA
expires: Fri, 19 Jan 2024 04:42:17 GMT

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
261 B 56ms
25ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 8bc00b3e1903a791e880efb21111f5bc7b06251ef12fb917fe87b2ba73645f9f

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame B26C 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 12:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 12:55:53 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 934D 0
104 B 138ms
68ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEE7ZCIcQdrpq5R_trMXREXI&google_cver=1&google_push=AXcoOmTvT6abvGdOze7TLgCQ2lzjGI8IFBOu_lVi9vmfm4cpKKK3wgRDHrSuXdwj4afcn67-xYje0hLxEJnpGqAwmjWow5qea7s
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 934D
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAD5IQeBc9ReFa2RDYmj4Y8&google_cver=1&google_push=AXcoOmQ2YX6-FpLtz5Gk5iGRRhfLmFD4F8rUTPK4yaWCq5krSzxM2_mcdOpmtqQDrSGIp7nXKEHcakD7_xi...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ2YX6-FpLtz5Gk5iGRRhfLmFD4F8rUTPK4yaWCq5krSzxM2_mcdOpmtqQDrSGIp7nXKEHcakD7_xik8j1HEzqy5jTjoHo&google_hm=fJhnrprUR5y_6tXgECrd9oc

170 B
188 B

34ms
34ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ2YX6-FpLtz5Gk5iGRRhfLmFD4F8rUTPK4yaWCq5krSzxM2_mcdOpmtqQDrSGIp7nXKEHcakD7_xik8j1HEzqy5jTjoHo&google_hm=fJhnrprUR5y_6tXgECrd9oc

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:16 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ2YX6-FpLtz5Gk5iGRRhfLmFD4F8rUTPK4yaWCq5krSzxM2_mcdOpmtqQDrSGIp7nXKEHcakD7_xik8j1HEzqy5jTjoHo&google_hm=fJhnrprUR5y_6tXgECrd9oc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 934D
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKjZQHHxCWHpWSRgSEY-xpo&google_cver=1&google_push=AXcoOmSj14IUl2rRPcd2VP7IOHpBLYy84c5zRP2GvDujOS9aLmT5dcyPs1Ta-JfE-j51vA_Mf5lnpxJ2SP4s8V9W...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Y2s4jwAqR9c4-vzewFqvoA&google_push=AXcoOmSj14IUl2rRPcd2VP7IOHpBLYy84c5zRP2GvDujOS9aLmT5dcyPs1Ta-JfE-j51vA_Mf5lnpxJ2SP4s8V9WklMG5pSBCpk

170 B
188 B

34ms
34ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Y2s4jwAqR9c4-vzewFqvoA&google_push=AXcoOmSj14IUl2rRPcd2VP7IOHpBLYy84c5zRP2GvDujOS9aLmT5dcyPs1Ta-JfE-j51vA_Mf5lnpxJ2SP4s8V9WklMG5pSBCpk

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 Jan 2024 04:42:17 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Y2s4jwAqR9c4-vzewFqvoA&google_push=AXcoOmSj14IUl2rRPcd2VP7IOHpBLYy84c5zRP2GvDujOS9aLmT5dcyPs1Ta-JfE-j51vA_Mf5lnpxJ2SP4s8V9WklMG5pSBCpk
x-host: tde-deliveryengine-production-5db7bf8975-7gdbk
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 934D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELJ80bwVzTKHshhoADztqMg&google_cver=1&google_push=AXcoOmQyfPPshR5anAxJMdcX9q-zQh6g3ItlZk6v3zlt-SweOdiLvtZ1G2ePb8-26yt48Ex3krJ_qwsp...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELJ80bwVzTKHshhoADztqMg&google_cver=1&google_push=AXcoOmQyfPPshR5anAxJMdcX9q-zQh6g3ItlZk6v3zlt-SweOdiLvtZ1G2ePb8-26yt48Ex3krJ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA3NDE3NzAwMDg3NTU0ODE4NQ&google_push=AXcoOmQyfPPshR5anAxJMdcX9q-zQh6g3ItlZk6v3zlt-SweOdiLvtZ1G2ePb8-26yt48Ex3krJ_qw...

170 B
188 B

34ms
34ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA3NDE3NzAwMDg3NTU0ODE4NQ&google_push=AXcoOmQyfPPshR5anAxJMdcX9q-zQh6g3ItlZk6v3zlt-SweOdiLvtZ1G2ePb8-26yt48Ex3krJ_qwspzxOQzfuQCfO6cwzDmEE

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA3NDE3NzAwMDg3NTU0ODE4NQ&google_push=AXcoOmQyfPPshR5anAxJMdcX9q-zQh6g3ItlZk6v3zlt-SweOdiLvtZ1G2ePb8-26yt48Ex3krJ_qwspzxOQzfuQCfO6cwzDmEE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 934D
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJIkC4xnxOgJOYDRhBKLXlc&google_cver=1&google_push=AXcoOmQBEd2dGw24HESlf0i2l6Y9npcnEOxjn6p-FKngAWzIdhBC9eZ2ruwn28KDtnCkfbPUarIitI42hDrIVFZn8...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJIkC4xnxOgJOYDRhBKLXlc&google_cver=1&google_push=AXcoOmQBEd2dGw24HESlf0i2l6Y9npcnEOxjn6p-FKngAWzIdhBC9eZ2ruwn28KDtnCkfbPUarIitI42hDrIVFZn8...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQBEd2dGw24HESlf0i2l6Y9npcnEOxjn6p-FKngAWzIdhBC9eZ2ruwn28KDtnCkfbPUarIitI42hDrIVFZn8z43nuXY&google_hm=IA_6rGZH5p4odlTfTd6HgM2L

170 B
188 B

35ms
34ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQBEd2dGw24HESlf0i2l6Y9npcnEOxjn6p-FKngAWzIdhBC9eZ2ruwn28KDtnCkfbPUarIitI42hDrIVFZn8z43nuXY&google_hm=IA_6rGZH5p4odlTfTd6HgM2L

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 19 Jan 2024 04:42:17 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQBEd2dGw24HESlf0i2l6Y9npcnEOxjn6p-FKngAWzIdhBC9eZ2ruwn28KDtnCkfbPUarIitI42hDrIVFZn8z43nuXY&google_hm=IA_6rGZH5p4odlTfTd6HgM2L
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 934D 0
236 B 57ms
24ms Image
text/plain 2600:9000:211e:ac00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGwmNe16IESUIoH0ndKxykg&google_cver=1&google_push=AXcoOmRowWsuqhfvzLGALjX-bvfnx_RXy9LDjo5ydQS8jVMrLCY8OBXgVsuFnz2LQ8jDMQNA3DppHKdEbYb_iJpnVKVqe1n1iJ4
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ac00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
cache-control: no-cache, must-revalidate
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: kfrRKZY7dpc02lWPckW_3p8deQZM6Y5r3ow2u2Cwlec9zq3Wbllm2w==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 934D
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBU9PNfnA7cDhGf89LU8xKg&google_cver=1&google_push=AXcoOmRehb1hIxojF...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2Mjk3MjEyNzU5Mzk2NTA1Mw%3D%3D&google_gid=CAESEBU9PNfnA7cDhGf89LU8xKg&google_cver=1&google_push=AXcoOmRehb1hIxojFqBDi_K8iVaAC0YqTS...

170 B
188 B

36ms
36ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2Mjk3MjEyNzU5Mzk2NTA1Mw%3D%3D&google_gid=CAESEBU9PNfnA7cDhGf89LU8xKg&google_cver=1&google_push=AXcoOmRehb1hIxojFqBDi_K8iVaAC0YqTSUVBaBhCjKvnDgjln_1IGr4FBTHQvGHCB5XqXbB5Es7xNbFPG8k0soyah2xqDXDq7pN

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
an-x-request-uuid: c1a7ebef-1182-49c1-8a61-af458baa5459
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2Mjk3MjEyNzU5Mzk2NTA1Mw%3D%3D&google_gid=CAESEBU9PNfnA7cDhGf89LU8xKg&google_cver=1&google_push=AXcoOmRehb1hIxojFqBDi_K8iVaAC0YqTSUVBaBhCjKvnDgjln_1IGr4FBTHQvGHCB5XqXbB5Es7xNbFPG8k0soyah2xqDXDq7pN
x-proxy-origin: 178.162.209.135; 178.162.209.135; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 934D 0
12 B 32ms
31ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jn4Pj6fkQfsAx-jmXU5wdNfQdUUuGCm6ZE-YyzR-uHByDbzakTdLYC1VvUnciSbsclc-K0xg

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5653 41 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQDz69mbaYHunY6Elq4IrebrFJ_0nPSvDZiAXTUkoNvN5bYsrRxyFcLRvY1ngPizOPCktRajrtY2-oJc2sof2mPe3bzHppkwPnsc_Wjj_N2SFETnvVXKj4yBxAnqEklPtFkBmG2ak6lDaean88aGwVD9umhefXXKFAXNMONkioCuMECD0&cry=1&dbm_d=AKAmf-BShbM-Z_AhoP9j14coTi6StLcWXB2dGm0szLm2rUH8kPlgXUM7maDrEMs5-j3VxoPa_mWRel_2gt3t4vNy6lkrzbdNDQYAVFnZaD12erRLD2LRlO6V3gdrGEpchEAkFQPytFH1B2TwcWg0xib9cf2h72Q301lzxg8jp1-IOUeaLtDzIppZGfNWETmVrwAQPahMTbUTw18hzFtcvF0ZAa9CARwrC3MHyth_n0YqFzCkvXW57wPf0kBL2_PLPb80sfs3ukACE0A4wP0ndi2sLJJNyQ4eiaLC72Z7RuZBILdZ9NgrP3RvAkgrQ_xBChwK9WqUsc3kn0zLZiiQ927p0lukpfyNs78gQK1OZlxjCPvnBeJMc-MW0rCICMKJKktJ1gzIU3mD-tsCWKMRqnl7-uVSmYyPOVwu9iqTiP0vSW32CjodRnfD1mcs8TQ6RbsU8HzhSPiuFtxrTT2Wv3ClEj83VlOMHRBNymXI9nnfW-AWQZf3kI_SHXEk4Qgza8StLbSHReH64nNdh__aC1bJNh2RAv_rhANzXFDDnz_QuEnehvmKtNfgF3UoopKl33dvkict8qMurd5S21jcuxXK7TG1uDf9nkZAERBXplz_dMrkmNj_XS6ZynN0EBLZrqYB_k9SlTDrYh0y6D-nPsnVOiLjcNO8l6gCU_0q_I68BiL5iui2box8xyPzpapJ7sJ-miwMiaR87RtD9ozUkmRa388Mcz2a85VVCdSid9W3S5-cwm-X__Pb8Cd3OIhzQFY4491sJIVsj4dkxJ_Q7WXWq24hbt03xL_NuUaC0D2cFaJjO2zjZj-gnzXoy-3eKDJKkZ1CENil9rqE4_3S_ciM5CujrdtMtIb_1TFn6NjgtdsPROKAbClb8lbZ5PNkAg1xOBW4tHEE_12O3gB1MT-XI8NOtQUsFNL0E5bQeMhwaJRh2N2tWSQzj52ulPYzgWUFTzxPXOVTK3avi83tyZUFxTPDoE6B2AzDZqVsfETM4PEjlq80vOsksHgEKFT41RuRN77nysjoObDUVAjLqbo6zIPoYMNcEnWF6dU8rkVMIC8YSw5o_1UL78GYl88tHpOluwcHCyqMlkE7--no40Xz6ItSvmBRcDhn-V8Are0FveXFmkhUOVFicT9nEubCEnUlAn7PB4yXrXNT7GWozgZ1PEpa5ese1FO_X7GoSlSTs6t997LJVFOEvktNTeVREy6bseh8ISDVkb4czHdA-jPZqxaWD4IXP-H5r1apbuuFYERXfRiRykJLJx1MAfNo7cBBJyFxKXLiq_h6Q9F9rodBucqNZ0dCSyp6WFfj-vI1hOFrdzVRerdHs_0-YXB5cnJYcRtlqoVw5uaoEsLR1a13lUFrq6L3lDeMFdyPl0ThU_HsmF7E-51g0D9r-ntvL8NPecE7RTe7wyXdPBv7h8eN4u15bLYmqAt8ZS4kP-8dEQm2utmJNBxxgl26d0qmmICGdUI24jFuOUJUnh17jJG4Vv-HSonYQhgGLgTMUVBbXElS5plGCE6taseE7BH5FHCfTvKhiZ9xPS6y2pU1NNf440mn2NXjkJbZtFSMSbFCgSVztBYJ0mw-Kkim1esJlHa_cs6rzdG2ZPLQyHWPYhysEa7u_17fPLI6TlpKo3LdyiqTrUSMgCmIHfVYQUjidcnONEU9mNdpgbF_9ubcU74c-lHvhLM93NrA9bFks2Ce4OYXZCUvv8tDIG0Ud2C_FWpM7h1rkhimRj-79g0DZJvwy-blqa1QhJJlBVpAByZ_b1E1Bqb_ff8bQENUxg3dhPxQlZxVZLhX0EpTbRqYV-iuLvmRX9AaAc1-lEKc8X8eG_8WEVCbuXizfYBlJZFC1Umz1nFjyW3TRwAz4aNHiat7PGO-g0PeCgpLf2L0kexuAkujiY1D1D3O5qLLfRchtGgA4FdcrHlV7oWVvMj8FP6R2dazVBHjSoTiRXq0Ynms0QwIn_20rz5JCRpRg3mHuCZMdkdG9LH9gfXB5zU3OiM7-86qMNfy9A3PSWoAGMd6I41zThCS80NuXC8CBuUYUq3I4KzMlDPVD9m9qKU89VwAXH2Fu_1RYD_mr-9stGpbpEsREZ-9IXBlXXFUiwb-0xR6vg_O0w7cZDdmoiUifWCxu8mqHNrXqut4oITXMdMzaCnSOW5Q-rJIh5EEF9Z2q5cENlN43JOKLQ0_dAyx8OLBHohhMXoazmhqHUdTl8HAHpYqhYTv_kJJYKHS9wgBBk-1euTUVyqRzCuS_VMAHGLdJQMrdasa9fZWnIe3d41TiUAfBGcGvn3DqlUdFNcf1ml-IZryzhuaIcMy_qUOoDq8POsPnD4_dTFoILtbnuBuQ27FdAX07lcCkHBsajLmQP9K-lMwCtLczmQvuDkDowdZuwY2r73KFYAzLfAm5IsgmmkMjorvi7M2cfZW-TE_9WS_khEWzyA9GIGOLVgiAmdjT6VDkG8s9tYtJPKYoDPWkY8ATY_K9_syiwGb5G-fMXkT9KkTGD97U8y0XgRCMA-HKvdwu4Z6jsQ9rF5PxJy4rjrWOnGp96ByGShTl6DVscw0NfAzEZEB8u5M9VwR7Eh5sRiYopY2dOTixQuHdV7Uo87RbPXIW4o9RixGXZkQYevRxwOK3gyi8IfzBgOMMIhmjTqAHLqqljXgnP__LLO15hUf4hUWum4iEs7tHYAylirN6XgNku23ZaIvv4fTQlzZdQ5uSt6ZQiKFiAGy4Sn55m8TiCx9kTg7ki2GKu7_Gpen8PnF0GJyjDz_2tYJC4SgEm3m40NG5WJnirQfplMDK5caX0Z6lKZSc5VJL2w7cpch9kEA41UEa8qbBmJ112w3m9FquPeDntXqyKGyJqEazIXi3uwJy5Z4DOWJ8rZFVbpR-OwwLnhwCkqX1iKiQGK1mpPajz4nwC2E7tak40HtfXgV1uHE0MokiRjcainaaPnxrWzP_X0ry6tY6ld2qVTMlaNcO01nXON5rINWvJ5VwF6jG2hEddFskhNnioUM1diXNclwn3Ci4M0lvBiLLij8AB5PEpR-CpU67lyS-YWqMUUe5_BjzdvmOSCVp1yP8zxNy8i9UCSXzllZRITXGa29jZOhX4EwvSJCOz9YeNDiZnWi6rtPoBSnsHryiyyMe4FMvq1xxZi9l-g3tFwQmFYJFhb7db--8Isv9dPhT_32l76uf3CkLQLn_xkqVt0eu-CKpUhe8eDKzYdOf8iYQwTzhGdmhH6mD6vh2G_SIw6fQWAF0CeZI98ltV9YFwZSpgbPlqybcUJt7c1vSXYj2UcuXuNjesGmFX2U1bu7cZ1jZhkSUYsB5an3fZx-BOY7l8J92OktBZABla0ZbtJQ58yLpRPLR-bujQ&cid=CAQSOwAvHhf_hJfsNpRcHRMaZRllp3ktLjsH_o64uxLHHWN7uNT6WFBm2_qOkGr_OKFbkGp6l7iifsp49JmEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Frevistagalileu.globo.com%2F&ds=l&xdt=1&iif=1&cor=13393482593217210000&adk=3037181501&idt=113&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H2 200 player.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/7.86.0/ 2 MB
601 KB 227ms
226ms Script
application/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/7.86.0/player.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: d67cacb7ec5eebf5b63f3ae3cb57462c203f4f0cb92d0f721cd062083920aa39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
content-encoding: gzip
x-openstack-request-id: txc6d489a94ace4dd3a6e86-0065a96af4
last-modified: Wed, 10 Jan 2024 18:46:26 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1704912327.000000
content-type: application/javascript
x-timestamp: 1704912385.38968
cache-control: public, max-age=2592000
x-trans-id: txc6d489a94ace4dd3a6e86-0065a96af4
x-request-id: 1ffc4a1d-33d6-4f22-ba4a-dd04dd1c67d7

GET
H2

200

passback_970x250.js Show response
static.adsafeprotected.com/ Frame 5653
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1806749/77544531/xbbe/creative/adj?p=APEucNVQBM3flZcx85qGvX5SklzynvfAD1oUAuVOEYjtags22mxCcKg&d=CpkBAKAmf-Bh-FV0UE1wORnbo8TSEUDeCIXXZGi7znNT6zUdoIgoNrMkV5Cuv4-...
https://static.adsafeprotected.com/passback_970x250.js

3 KB
2 KB

7ms
7ms

Script
application/javascript

2600:9000:223f:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_970x250.js
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: .AUJIbFgg5lm.Sl5dxN6YT6RZNYioRMX
content-encoding: gzip
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 06:23:27 GMT
x-amz-cf-pop: FRA56-P5
age: 80331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:56 GMT
server: AmazonS3
etag: W/"094948b2d1170876fb8e76e432d87da6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 5IQU8B3ATcaud2T9_uH1iRLPbS1jLS0t2efnk45_9KntW1CdowQbWg==

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_970x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame ECF4 91 KB
23 KB 8ms
8ms Script
application/javascript 2600:9000:223f:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10384387
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: fvT93cRfhGnJ70dUbojph7JkVBdiLFdIY5eJETG4EjrIdgV3JVZu4A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5653 43 B
215 B 470ms
341ms Image
image/gif 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1806749&asId=975841e1-4625-d8bc-444b-781277f881a6&tv=%7Bc:1IDDbD,pingTime:-3,time:36,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:13%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:36,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B31~0%5D,as:%5B31~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1MsPRf+11%7C121%7C122%7C123%7C13%7C141%7C142%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c1%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1f*.1806749-77544531%7C1f1%7C1g,idMap:1f*,rmeas:1,rend:0,renddet:IMG.us,siq:14%7D&br=c
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5653 43 B
215 B 299ms
172ms Image
image/gif 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1806749&asId=975841e1-4625-d8bc-444b-781277f881a6&tv=%7Bc:1IDDbE,pingTime:-6,time:37,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:37,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1MsPRf+11%7C121%7C122%7C123%7C13%7C141%7C142%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c1%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1f*.1806749-77544531%7C1f1%7C1g,idMap:1f*,rmeas:1,rend:0,renddet:IMG.us,siq:14%7D&tpiLookup=ao:revistagalileu.globo.com*&br=c
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 5384.js Show response
go.trvdp.com/init/ 6 KB
6 KB 44ms
8ms Script
binary/octet-stream 143.204.98.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/5384.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/324/5384.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-108.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e2a445154069c046f1f43b6bdf7fea30e78e5b934e2d280bce82335f796baaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 11:59:51 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Mon, 20 Mar 2023 20:19:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 3688947
etag: "022dda7a62a442510e989022931bd5be"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5844
x-amz-cf-id: wHVdBnpSC2p53VZUMYbngNEs15lgihN90FZYaxbi9EvBSBcb7X7wyQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5653 43 B
215 B 296ms
173ms Image
image/gif 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1806749&asId=975841e1-4625-d8bc-444b-781277f881a6&tv=%7Bc:1IDDbJ,pingTime:-2,time:42,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:351,beZ:352,mfA:354,cmA:355,inA:355,inZ:357,prA:358,prZ:361,si:365,poA:366,poZ:380,cmZ:380,mfZ:380,loA:388,loZ:390,ltA:394,ltZ:394%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:13%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:42,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1MsPN5+11%7C121%7C122%7C123%7C13%7C141%7C142%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c1%7C1d%7C1e.1806749-77544531%7C1e1%7C1e2%7C1e3%7C1e4%7C1f*.1806749-77544531%7C1f1%7C1g,idMap:1f*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:14,sinceFw:27,readyFired:false%7D&br=c
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 audiences Show response
api.permutive.com/audience-matching/v1/id/d7eacda8-73ed-49b7-b787-48da19c973a5/ 12 B
66 B 69ms
68ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/audience-matching/v1/id/d7eacda8-73ed-49b7-b787-48da19c973a5/audiences?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 04:42:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12
content-type: application/json

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 41ED 38 KB
13 KB 13ms
13ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 200889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 social
am-trc-events.taboola.com/editoraglobo-galileu/log/3/ 0
230 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-galileu/log/3/social?route=AM:AM:V&tvi48=14791&tvi50=-50&lti=trecs&ri=ecc4182b512c63937f75eb3cdcfa143a&sd=v2_4bb29d8817bf5cbcd543ee3d70ecb9fc_ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328_1705639336_1705639336_CIi3jgYQpP9JGMa0m4DSMSABKAEwODib4wlAgooQSMzK2QNQ____________AVgAYABom8ObpKOcg8HSAXAA&ui=ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328&pi=/&wi=8255381411081868912&pt=home&vi=1705639336518&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Frevistagalileu.globo.com%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Galileu%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=05%3A42%3A17.110&id=2642&llvl=2&cv=20240118-41-RELEASE&
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 4 KB
2 KB 150ms
107ms XHR
application/json 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=324&wid=5384&cb=7082.012453427866&pid=4038&url=https%3A%2F%2Frevistagalileu.globo.com%2F
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5384.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: bd1895d50a87f4d2b5db14251238033dccb2e5ed5d894b20fa0af3833d2c8ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
x-amz-cf-id: NO9OYbwlO7v3j8TjXwA8Et0QTBJW7KtuEnU_cs6p1jw6DplBhWOa0A==

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame 41ED 51 KB
19 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 04:02:40 GMT

GET
H2 200 IAS_PassbackAds_970x250.png
static.adsafeprotected.com/ Frame 5653 28 KB
29 KB 8ms
8ms Image
image/png 2600:9000:223f:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_970x250.png
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1806749/77544531/xbbe/creative/adj?p=APEucNVQBM3flZcx85qGvX5SklzynvfAD1oUAuVOEYjtags22mxCcKg&d=CpkBAKAmf-Bh-FV0UE1wORnbo8TSEUDeCIXXZGi7znNT6zUdoIgoNrMkV5Cuv4-rkvPZ3tST8_bCcsK8LXV5ytdBv7ecYjnx0XFFGEXQ_fkxTBDXM3C_S9ODQ3K5C3El-BO7CJxD8H3taPGIX90AsVlaWeuc-CW0YBASw0Kt1nuKbfmn_otaYQ_HJNR9NfGPijyPxBeqrwCOb8-zEvkWAKAmf-DxIl3TfEnNyc9R8MStfWgzCG5sF03j95LEyQoXXTD6Q0gGxC8_wRYQy8n65aCq0EBLXGjGMATx92j2BxWahT7uRTyv0u360zDh_tjEsp8lFg9-GEzMbeNdWU7uyZgYaxPCBC7YOnitad4A2p-PW2XOt4370IA5xJ2ygqfiooUWGy3cxztFISsBw4UpJxhHbw_fiK5dBzM0PqSKntvuBbr8_x9qBRaF_SFV65nKsu-BSMxJbIkDnRMjPWvcl6g2ZUjqxFBRlA3SFGHAS4TyIRWfxhDV3BJggYMHMSSKqd0HYx6JIW04Y1zlTTz53K8WG7Yz_Ivr_GdR2p2lio49tYjB9Xd_fUF2Vkia-9scGNzgdznLFZ3qEUbQFARKKsHtY5k6a_mxqnA7HPLbSyWQ0G8kahWtKRgn6T28TQPtsl5qZAPpWZkKKfMQAXjACAHO4oeuFD_XkpC92O5fEnktCCRcQcBtbjUDT2YS24UnJbcSjNW3nYqRUdR7RqRjGw4hrAyd1dGS3qkow0wajuTtnzOh4FOFAVA_vmepbT01GdnF0k9pGCad5xbqi5Gk6CbVyFJfufd0JAKcb6LTBe2YjyPkK0H4qOcBffYeCq74M76PikUJYNpW43WpNkOziQM0K8tFs4E0CPmxx6JkzBV2xZJAGaDd44eBwngz4drUSEHIoEIKHKxa7qZHlqJylynE5yOEeUTvmZocP-FzPxof588VUahJJGESSBueCT2aQCYzV4l9gt69liHFpwjaNxt5AmB_Iwol1PG0VU3nm5l4qRG8qXDfkY8OLY1nFr_oXZuSbxv-03fKz40BBaTrxl3FO7zuwiscWVVbpSHSpONSFC6XR0QAXXYA4rKN73aRXOCphI8QiDWHb4jykWqP7OVHhXkQMxq1fBIgwoGe-P32e2W1l48zJnyicbDaP97lWu7wnPsCEIWef9jLdxcEJNayLDqLbd_95VY7GqWD90-YrvW_7yjbYRVK3kpfZv4NPXlST9YRZhWrHsgRhXZ2hKHby3vPF8PNhScVaEKflPYZ-qJcD2HFKoRllqsXuhsqwe44COJwGYtUU7hTC9a_Z8Tv58yPzfTjI9PgUWtmLGNjDlXoDVYZZsOaZrLfOEgN9gmgwMT7-fJjPIK1RHwCaO0g1IsA4Oq-gMGE5M-r5BskZLL3-P-GQxG072rdjqhWOp-20m1Ur8OdLzJXze5OM8oZ3jd2r1GYOLPCLrmgY1p1mwC3NDDvYuSLhhPjC6DRzLWUTzQhXo1iqqrcORPAa385A4kJNAPGgHpaS5lcTDBjbdpeLLTLaXminYYgziT9QRAOBoosbTa7W4_j7JuP3nmy20QhrQOvm6Xp_nO0rZwXJUGFn4ppjlsL_TmocmP_4gNFrDmPvyZUKS2bbXagNQjRo8ncrz-A7j0byBSgGR2JbcTXVBJDaNzspHcOsJB-c64_T7A3bjEQ6IxwLYzb7a1bYY6lOPop8Mdk09LM5MXeAdJFOM2vR1U19cYZ8g0JyvNK5DHxwYpfg1H_crHDHRfoR0h8a69uDe9ulH9NlwJsZEUL2m_j61-jdE9nHKyiGMdVKnlTYFIlVNjGWFHiMLhL-wD8C6-kYUVbZwPjuCcH00SXYw5qcb9pgr3INMzrLQRzI6l43rdkReS1VsDFUgSQ5RlQtUcjVIvK_RE6ofsWzUt5DlsB_AEXTXgE8u4Ysf7sHD4N228FmX7Bl9brR-pZ1RWt8YVEMzY_P-AsfogHJAgbDrPPz-MLsONgspUHKlYTbA3ll4VAvATaKR6UDa_Axm4wuCFTlZKRb9XmT3s0jF-Ci6buBxl-yQWvien0TyURVgktToqNNFdSD-1MpHRTm25M2I-6v64zDrbsw4_hTkB177xZy9r-l1NTbXxWsg9e3_luKnpRXRoJD7vuCCbx777Dq1iQNRC7r-fBZo2t1sLZZNpuSapEllfJzAEqoZGJcidtjEGUOPuU5ZxRpFpr4lYufB99VDseuFJHVKqbzpNkk8KX1vY5XjIVoTo74WdYhnpKY5keusIKYwYMZgMx54_UlrcAc_IARwq3Gdpa_dOl2AE1ZtxGfYPsXgIgNVabT3AL3wNLgB7SNdZ6A98BdV6HMdZ9_-5zZ5mmMACJf0qE1yZ7fCWQH1kwKeoxJEDHOGOU7XDc6SfFkDSYiHubLBjfkpFjbS0q9paZKp-pf-bcAlFAbryGIfAoy3vzMD90WjWWVNH5S2bQh_Wehq995OIlcQHTou28K-y4g7Gs8Dl5ELcGfzbrZiyCjhjkWfjQ4Yp0fKXOJdUydHN_ErTf_6RCutlvPYwEaINp03d7WfhSPcXER8DUzkPR4_eMgAHufT_25b7GOaMYwl2f-uWgpAQwwBPJ2aIZacaK0wJ8wBYpnU6WuXb68trHG2U20Tr_bI4awCTU7cSQlDoBpSLl2WaOPjBcgBFmjs4En2sE9oZHJJCa8yQ-7_EFNg6sjDU1BcXAEHw6F3COOnDkW3KAx1Q-Gq6_dlUidHBuRusRB6SmVX6YJyAX6Fe4Vw3Ghjnxvaakt19SF2d_TJjmG_r-rOPJdGgQD4JfKYJhdrHPE9NZes59FsnB6MzdEVwLtD67mrhEMpadSEk4M5jTqIOKr_DZOpYHS8iNmV4S_jd_l4GdXLqHn5PhsWD3R88OVcs_VMS7tDEbDip18A8dqQ1Qxi1dbgkz9QE5vzat2hp2qu5HvApvuGS0kanFq6LjAdnBweQ3lvrdaCDvVTH39yT9kIbQVKVhsc4AQHVq14CpQsDIx5CvVJtDBgHYWCnfzKYykqW-1kO7mbvxE94XAj9emYJ4yEShQ7tw3gyNxse3-ifcPOmP0u27WvtwYrJKC0UQFeyvFXLk369gcmnFxzcGCU9S7VEF_R2UnV0Reb3LYcF3wYfrXvVz19Sci8pLD8ptfJZr1ytjIHWn7ybSXvAq9d0dUP8kPIF5UoAWyvrbReWAzDnFSoo0azWdbKtfDJcxyU-IkRDC_mkrjI4STF3GuT3YNjtxCSCcxeHKqim7jVYNkxcNarOCl8qkJbQR-ZGM2nmkv9Xubv4FZOPWq48MTQDsdFayp3Cm9pPw1l4f7O9tImqFCGu5FgANNh4L236k3lzepvbPmmAXGQtsH_F61dNdMPngzSJHe0aMckl2VFfbt3iyS40FMQPt__MZbqQtjrCnDwRW99nLCKh5QyJhbI4lQlrPaFvwAexQ8Jabj4WiuhKmw61nXS63rr3bHIws3Nhy7ukKv9XU-3KndV1Wj_zgB30AAVbT8a2N8r8-QDUaHMZI4G3Upiz0qbmvm8BMrPJPZN8Spi_6xfd2l-ACO9tNn5NNwjrH7DVBwJnVQpOZF9PRpEY7znYMnl9iKvVrIoo9CknzVo7E9CyRM2TrHv-rDDaTYBiq_yvb2_IW_W_gTw6excEG8CWlMz7W4KFFOxYpjolmE90EwlB00EOBatIdBd1Md4c-ItULxL_rDdROWflVX2uY3YaQud7ZSmGXUjbeJyWpSDwCWZhJleoFXVxUfGu0YKUwp1eSJRNZFhLx1UYM_GLatIN15WSvMvXmhKRYPmy7H2CGAJD-tkE_DRkDuj4c8pUufXxvlRyzxrYXuZCwMDNdHABe6g15uTJZhxuI2wmGn-9nPWATB5hXaYu13nTC_rIxegcdbft5ouFxN_hybbsMYIZznBubj4BLbHLVPFMAVEnYC_GekoSQcgTjtem289ksgVh5ufYAwyKVm5LUEqUJo5_6iELXfcPTZaw1fILMcgDOn81N731dXazylsUg0emOl4zQDEP6mxZAzv6wBVTUuZh-yBiwfz__blVDxn1QPLYjv--Mc-k8wLqgHYcFzsIZO2thAZ785pi055LdIbILXfm4bZDgu1PdsVJp6BNvKpk0SULBFY11X6IV8bbOGkEIBBI7AC8eF_-El-w2lFwdExplGWWneS0uOwf-jri7EscdY3u41PpYUGbb-o6Qav84oVuQanqXuKJ-ynj0mYQYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1015139120&ias_pubId=pub-8828587149473437&ias_chanId=1&ias_placementId=20855602476&bidurl=https://revistagalileu.globo.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0ic6NfWVbFaa9IAQQA2zvjX&adsafe_url=https%3A%2F%2Frevistagalileu.globo.com&adsafe_type=y&adsafe_url=https%3A%2F%2Frevistagalileu.globo.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:975841e1-4625-d8bc-444b-781277f881a6,c:1IDDbg,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-hh8wn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:eudisney1,mtim:2,mot:0,app:0,maw:0,fm:u1MsPRf+11%7C121%7C122%7C123%7C13%7C141%7C142%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c1%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1f*.1806749-77544531%7C1f1%7C1g,idMap:1f*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:14,oid:1f52a752-b685-11ee-9bb9-36c1cb0d2b6a,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: pdWOnfKbVAXycyDHbhFI_OqkWBFerFwW
date: Tue, 16 Jan 2024 04:27:28 GMT
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 441978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 28949
last-modified: Fri, 18 Feb 2022 23:29:18 GMT
server: AmazonS3
etag: "9d3f43da9d0d0679ec0dfea58b2f1d45"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: PCsbv9AkM1kwBO2SDmxQNKzsRZYjaQlIWOrLn3yyBhzWUX0WxBTxKg==

GET
H2 200 / Show response
usergate.globo.com/ 33 B
312 B 218ms
218ms XHR
text/plain 35.198.44.170
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://usergate.globo.com/
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 170.44.198.35.bc.googleusercontent.com
Software: /
Resource Hash: e640430fe2ccc31d8871dfea3286d1c1c3d90c0429d10720582d643887f7564c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5449 1 KB
643 B 15ms
15ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5653 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec3ad538e5c6ac9cc7021f27ed9aff481fb0d207590a75ab99ce1fcc590e8e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 8ms
8ms Fetch 52.29.17.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.17.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-17-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 04:42:17 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 78ms
7ms Preflight 52.29.17.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.17.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-17-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://revistagalileu.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 19 Jan 2024 04:42:17 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 tv4.min.js Show response
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 28 KB
10 KB 1168ms
1168ms Script
application/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
content-encoding: gzip
x-openstack-request-id: tx5317fe4cac004e618f902-0065a96aed
last-modified: Fri, 25 May 2018 14:11:50 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1527257509.32548
cache-control: public, max-age=31536000
x-trans-id: tx5317fe4cac004e618f902-0065a96aed
x-request-id: e7ce3771-602c-4077-ba1b-7bc89e93e8b2

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CEA9 43 B
215 B 233ms
233ms Image
image/gif 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1806749&asId=2bd2dd32-5b07-bf0d-9d46-7e5f30f324eb&tv=%7Bc:1IDDfn,pingTime:-10,time:526,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705639337276%7C%7C0cb6060b8aead3cab0f52dcc6cc9b0c8%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7Cb6a63d240a892f8da5808362c70de3fc%7C%7C13cd85e2126f3696a71dc5b0b4140a69%7C%7C9e0af65941da0e827c1c72c461148d61%7C%7C195d864a0a139fafd389a3bc9fa5f9d9%7C%7C28ae7216b55d009f18442af74208e18e%7C%7C1663701684%7D
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 st Show response
imprammp.taboola.com/ Frame CAC9 439 B
383 B 18ms
17ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&cmcv=&pix=undefined&cb=1705639337293&uv=3373&tms=1705639337293&abt=adxsub-out_vA!adxsub-out_vB!aniviewPrebidInteg_vB!iiqwfcontrol_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=bfa11842-dcd7-476e-ad8e-3e415e87e9c5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 736f6e1984864cd550b893298f3329985bf8aa251442ee1eea657c0dc398aa28

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230026-FRA
x-timer: S1705639337.297277,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 5759 577 B
662 B 21ms
15ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 34927c37c616dd87433b442f372954d7013234d770a90915782d9ab96d0eaf04

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 19 Jan 2024 04:42:17 GMT
machineid: 3406
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
792 B 69ms
68ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=368&height=207&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1705639337309&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1589&pt=657122381&tz=60&viewable=true&ddast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2768435&dpubid=375975&abtst=adxsub-out_vA!adxsub-out_vB!aniviewPrebidInteg_vB!iiqwfcontrol_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Frevistagalileu.globo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d9e3eb7df3449a2197334b909b58e0f40ad7f1ae07814b08b8df833b30183244

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 19 Jan 2024 04:42:17 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1401
x-cache: MISS
x-served-by: cache-fra-eddf8230026-FRA
pragma: no-cache
server: nginx
x-timer: S1705639337.312310,VS0,VE56
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.832/ 469 KB
139 KB 54ms
13ms Script
application/javascript 18.245.31.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.832/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5384.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:08:25 GMT
content-encoding: gzip
via: 1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
last-modified: Sun, 15 Oct 2023 15:13:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 4782833
etag: W/"ae8e71eddcd185d49d5b9a8ef8a2ef6a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 90bQWC2gv7d9NXK5f86EcbC-foO3N7bv-H8I4G9I2sKa5sGGV1mY3Q==

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5449 0
173 B 66ms
19ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKvawdCmi5_w2gbtW6jRjPY&google_cver=1&google_push=AXcoOmS1DAvxkMLjXqhO5Q08XGiABtSeO6COtWJSUofHBx26eBuD-fkE5x-3bcTX2B0vae7viKRavxiV8AnW1we7F9xr4LsrLaFu3w
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync
x.bidswitch.net/ Frame 5449 43 B
146 B 34ms
7ms Image
image/gif 54.93.105.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEE06QFGkFhYInx4jIwToPkY&google_cver=1&google_push=AXcoOmTz-FXqd6GMaGX6yAEVzoO05FFVVEmW-rohf9SsC_IgSViACmD6poe0N6xCey_HSUpEHgi2dSkb7l-yAVcFJRt0a5KyDrjsAw
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.105.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-105-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5449 0
166 B 56ms
13ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOCFj6jfC4U5uI2MOPu9o78&google_cver=1&google_push=AXcoOmSwJq-qEhD4lQ1nD6Hu16aR8TIPyta96ieG4bJ99sDki4hA87LcZiJWJNT1QHaWxeV3Kdbj6wgmbyvu6b4Td7jZRcMiwIjpqQ
Requested by: Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 19 Jan 2024 04:42:16 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5449
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM1GYKYJ8KIXZEcONv4xYNw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM1GYKYJ8KIXZEcONv4xYNw&google_hm=Zan9pREV6gV7G2XaGiiqFAAADHsAAAAB&google_nid=index&google_push=AXcoOmRohCiSb9GY-nrQvUvMxluZf2xl_I-tr...

170 B
188 B

33ms
33ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM1GYKYJ8KIXZEcONv4xYNw&google_hm=Zan9pREV6gV7G2XaGiiqFAAADHsAAAAB&google_nid=index&google_push=AXcoOmRohCiSb9GY-nrQvUvMxluZf2xl_I-trhOoN9paRZL4sTFqjjXL_mH4H01BBsIJEexS3RKjRG6p6Mo3uOqXOWouDE-uXuYFDA

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWD5fwkosIxSSdaZVFBKyOxTw9FvVmFGUH6rNjmZXm1JuXkpxv8v%2BO02qH5S7dFh4EFO8zttCYbrE7CsWVOUHv%2BJ9LbuftoA9wVXCUhTpLATOWjis1G2bDKgJNV91DnZ6J0l95qAN41RTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM1GYKYJ8KIXZEcONv4xYNw&google_hm=Zan9pREV6gV7G2XaGiiqFAAADHsAAAAB&google_nid=index&google_push=AXcoOmRohCiSb9GY-nrQvUvMxluZf2xl_I-trhOoN9paRZL4sTFqjjXL_mH4H01BBsIJEexS3RKjRG6p6Mo3uOqXOWouDE-uXuYFDA
cache-control: no-cache
cf-ray: 847c69028feb9229-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5449
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEK8BhczH6U_vAr5JWAAQ0J4&google_cver=1&google_push=AXcoOmT51EjwhIGW2YlxR2GXP37bo0u7kMCZXCZ80rkO8nC8H7RiiSzyTJd63hta85fFHteFuAHVQYUdcMaD...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT51EjwhIGW2YlxR2GXP37bo0u7kMCZXCZ80rkO8nC8H7RiiSzyTJd63hta85fFHteFuAHVQYUdcMaDRlzHdNWDlY6afGGUAQ

170 B
188 B

35ms
34ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT51EjwhIGW2YlxR2GXP37bo0u7kMCZXCZ80rkO8nC8H7RiiSzyTJd63hta85fFHteFuAHVQYUdcMaDRlzHdNWDlY6afGGUAQ

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT51EjwhIGW2YlxR2GXP37bo0u7kMCZXCZ80rkO8nC8H7RiiSzyTJd63hta85fFHteFuAHVQYUdcMaDRlzHdNWDlY6afGGUAQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

0.gif
id5-sync.com/i/495/ Frame 5449
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEAd0cXB1kG0nXbOBZQFkQwY&google_cver=1&google_push=AXcoOmQHdrfBPJySsAlzkZv7QxIF5vgt7ocg4GXJWJZFpR9IIYzTzSJm__lW6QbRP8ifDi-DAjlAmzL7wBL2XnqDu0SrAzJe4aLmf7E
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQHdrfBPJySsAlzkZv7QxIF5vgt7ocg4GXJWJZFpR9I...

43 B
1 KB

28ms
8ms

Image
image/gif

141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQHdrfBPJySsAlzkZv7QxIF5vgt7ocg4GXJWJZFpR9IIYzTzSJm__lW6QbRP8ifDi-DAjlAmzL7wBL2XnqDu0SrAzJe4aLmf7E

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 19 Jan 2024 04:42:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

date: Fri, 19 Jan 2024 04:42:17 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQHdrfBPJySsAlzkZv7QxIF5vgt7ocg4GXJWJZFpR9IIYzTzSJm__lW6QbRP8ifDi-DAjlAmzL7wBL2XnqDu0SrAzJe4aLmf7E
x-download-options: noopen
vary: Accept
content-length: 274
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5449
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBU9PNfnA7cDhGf89LU8xKg&google_cver=1&google_push=AXcoOmTYPDV_nU21n...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2Mjk3MjEyNzU5Mzk2NTA1Mw%3D%3D&google_gid=CAESEBU9PNfnA7cDhGf89LU8xKg&google_cver=1&google_push=AXcoOmTYPDV_nU21nclOyacBw50sNp3m_H...

170 B
188 B

34ms
34ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2Mjk3MjEyNzU5Mzk2NTA1Mw%3D%3D&google_gid=CAESEBU9PNfnA7cDhGf89LU8xKg&google_cver=1&google_push=AXcoOmTYPDV_nU21nclOyacBw50sNp3m_Hq3PROEtnFn6kgRg_MVENCP8z5IJBzWgnQ2th8itaQm0Q0tiTONRMqqcZWU7DKRUON_J00

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
an-x-request-uuid: 1853596c-336a-434c-82e6-f32b216f8099
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2Mjk3MjEyNzU5Mzk2NTA1Mw%3D%3D&google_gid=CAESEBU9PNfnA7cDhGf89LU8xKg&google_cver=1&google_push=AXcoOmTYPDV_nU21nclOyacBw50sNp3m_Hq3PROEtnFn6kgRg_MVENCP8z5IJBzWgnQ2th8itaQm0Q0tiTONRMqqcZWU7DKRUON_J00
x-proxy-origin: 178.162.209.135; 178.162.209.135; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5449 0
12 B 33ms
32ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JroWloydlAkIsZSItcn5QIuKThaCtBEVCXYgsYwVH_BscnWw6qXBiP7lyb3julh7iOuij96j0

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CAC9 70 B
149 B 109ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&cmcv=&pix=undefined&cb=1705639337293&uv=3373&tms=1705639337293&abt=adxsub-out_vA!adxsub-out_vB!aniviewPrebidInteg_vB!iiqwfcontrol_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=bfa11842-dcd7-476e-ad8e-3e415e87e9c5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328
pr-bh.ybp.yahoo.com/sync/taboola/ Frame CAC9 43 B
426 B 114ms
35ms Image
image/gif 2a05:d018:d29:3601:fb9e:de5f:307d:4267
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&cmcv=&pix=undefined&cb=1705639337293&uv=3373&tms=1705639337293&abt=adxsub-out_vA!adxsub-out_vB!aniviewPrebidInteg_vB!iiqwfcontrol_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=bfa11842-dcd7-476e-ad8e-3e415e87e9c5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:fb9e:de5f:307d:4267 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame CAC9 0
38 B 11ms
11ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5759 70 B
148 B 109ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 5759 43 B
425 B 121ms
42ms Image
image/gif 2a05:d018:d29:3601:fb9e:de5f:307d:4267
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:fb9e:de5f:307d:4267 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B872 281 B
554 B 39ms
7ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Jan 2024 04:42:17 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_7_3/assets/css/ 60 KB
8 KB 8ms
7ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_7_3/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-mtime: 1704535352
date: Fri, 19 Jan 2024 04:42:17 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: KVQD7FSG6JX32KJ3
age: 1103915
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1704535353
x-amz-meta-mode: 33188
content-length: 7921
x-amz-id-2: HxHP/FszP+YO130iB0p+93Sf0PAqAfn2wvVk2tGfiC+gIQCVvAlHNa3L0g0/xDdMaAtx55iASd8=
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Sat, 06 Jan 2024 10:02:34 GMT
server: AmazonS3-br
x-timer: S1705639337.390869,VS0,VE0
etag: "f7b7155f1c129d09779b1ec80bc9bb24"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 148109

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/33_7_3/infra/ 378 KB
86 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 46fbda9a97367cc61046dd658da965a26275b1aa2ce7249a70fe1c53abd77396

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-mtime: 1704535308
date: Fri, 19 Jan 2024 04:42:17 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: KVQBJ1CXAHYRWK9Z
age: 1103915
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1704535309
x-amz-meta-mode: 33188
content-length: 87279
x-amz-id-2: q8w6Ncbev8d4nc0+ZaQAbZxKNcw4bvl+2tIiQznCK2KEfcCeK6YwgeJ+R2dEWIsdzStR72DqXOA=
x-served-by: cache-fra-eddf8230069-FRA
last-modified: Sat, 06 Jan 2024 10:01:50 GMT
server: AmazonS3-br
x-timer: S1705639337.390640,VS0,VE0
etag: "1947fbc8bb0e083f25edcb980b3c2849"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 311871

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B26C 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bb5_LqP2pZdKWKPOK_NUPw--V6AcAAAAAOAHgBAI&bg=!trWltfrNAAa8BdJLnAU7ADQBe5WfOJTvCZkjDNFjSDFL_LVrXB2DQs7SawCS2YkKeWgALNzRMJQNXhzqEBwe5Uql8v2kAgAAARhSAAAAAWgBB5kDBzHYd_0zf9ExeAJMqkr3vbVKRGBhj3wSFsbUyGB4almrt-7VSGP3g5DpEd9T0xV1Zz3r-R4iCDxJr5HxiqbFHPvBzf7xwhX40avOAwA7A3eV9nUJEkR8XF4lyoUNdbTIeDUiHV3ak_IIoTMpg5GqAGE-LMFc5AtS4qDU0VEgYvRruxbeP_YKltgZhBu9c53rzk7ZT37fLG18sAUMW60BdwtrcqXJes3bOWswKvqGiytryq1zhyELLCmmq-nWZyhcTkQeZUNmtBBj0aLfjLwnoLuoM1Kvj8Wgae3jgHqVRgebmoLL505Sz7qVI7o5oXrIXFFbovVW8rbDmBAU2j2FLq7eRRyIrABYHgN8k0UWbCqbxqqgA440loL4dlmm83r5kFsR-n6Wxskd3ZwJcewgT7RmbU6p2xOjrfFVrz4NFiZpfYwOFMmNpV-c40519iD5hIo6_W7gql1H_Y8TvREwnF9zNOVnrqTzFr0Op6usyseNsnSBTd4Mq3tsv_He3r3sZkoGZ9RFMDypXdOgm8_1G2_npsRr7pfu-ytiloWuIjL9wTiZCB2A9x4lOjrxOt7iDQ3FCuwgoUrONGXb2qalWAGBj6Z5S-G7PMW8IKnx6InGmaaYe_Bp8PYvqqsaHM3lC0ho0BEyCA0U4hwUB1l0KfEP9GfQjIC-TSO-De9rEcla21ljBI9IWFblNrRKP8yA0BNjHjv4bZv8lN22iDjJf_5-GTuvdzO_ucLLw4ZqOAvwPKW6cKJYxNk0EszLgEDnsYpEQ0uyNK1vLOBC0xFBbGkYm26YIxguOki65rUBKPHOWQiUq54ryd41UImUED3BJtbrDp1qE0xmm6bp7AX8c_H6Hdc_DYcZ4xOJmKqE0uqRYyN4zyVueUfID5yfIKBXE0K3gkze1lbioxwMEC6wgBQrn6rqA4YEJTKZz4HfGbH4o0HUzUGgYY6ae-lwR7r19X0iOf1jv0_4Z9LnxoM4RFHWjAIH4PTXmeuU6TdZ2QtAjJWm9hLXGKTWbXfiPKEN6h4yJYCBgqk

Requested by

Host: 447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
URL: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 377 KB
130 KB 80ms
23ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38105aac42d1610743fba1feb58227a93739e52333b57597bd988ae71dad6353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132425
x-xss-protection: 0
expires: Fri, 19 Jan 2024 04:42:17 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 317ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkGtSh4Uqdd0QeUJm0rgBRU3czRY9BP2UGf51QPdZ7ehdQJ++k30t6qdRhIZHPHj60waAOjw8BAjqNS8Ggrw3JffVPIyuchI/j5tjrR092Gh1tBGfxNIQyHOCGHVbuvXgdRaO13NGBT6H1jI8JXvwPdIYaHTKf9mzP5JMSR4Ng+tjlMSMQutkINtaKoFZFckZJpTKPLlIyExiQmMA/eGcrhTNGq6RJqVvtwweQq5ZS1Gfvnl/Q9aKcVgkD47lODOsYgf222pqYihPNJNcfkICv9
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx/1.6.2

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B872 40 KB
11 KB 8ms
7ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bf560df25103ef77bdb911273007f0d36073f368670e39c460ba11979303cd07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:42:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2024 19:14:43 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52346
Connection: keep-alive
Content-Length: 10964
Expires: Fri, 19 Jan 2024 19:14:43 GMT

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.8.9/ 429 KB
81 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.9/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 0ce49c63580738406cf9dde96aca7fd4590b863d0206d274178765078ba47049

Request headers

Referer: https://revistagalileu.globo.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-mtime: 1705312862
date: Fri, 19 Jan 2024 04:42:17 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 2QBZ8PJDS9KRM3NM
age: 326403
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1705312875
x-amz-meta-mode: 33188
content-length: 82335
x-amz-id-2: eWxxWjWeJy9oSSsyi3kK39IGR5C0pvrb3UYjn/bLcskhw6i7KEo77NENhMjNDOgJi0e2OgXsaHk=
x-served-by: cache-fra-eddf8230069-FRA
last-modified: Mon, 15 Jan 2024 10:01:16 GMT
server: AmazonS3-br
x-timer: S1705639337.482832,VS0,VE0
etag: "cdbb18503fee62a5fdd5ee5f4ace9925"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 273916

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 820E 422 B
507 B 16ms
15ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 24a56ab18d2755963fc4a8a546474068a380cd267a488b5f45f71e662f1ff6eb

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 19 Jan 2024 04:42:17 GMT
machineid: 3407
server: nginx

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame B872 7 B
380 B 33ms
8ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 7ms
7ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://revistagalileu.globo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Fri, 19 Jan 2024 04:42:17 GMT
via: 1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: WAW51-P3
age: 1458187
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1705639338.508601,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits: 100121

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 820E 70 B
148 B 31ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 820E 43 B
425 B 33ms
32ms Image
image/gif 2a05:d018:d29:3601:fb9e:de5f:307d:4267
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/ea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:fb9e:de5f:307d:4267 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 820E 43 B
145 B 8ms
7ms Image
image/gif 54.93.105.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.105.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-105-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

POST
H3 201 usage Show response
api.permutive.com/v2.0/tpd/ 0
36 B 20ms
19ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/tpd/usage?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 200 seg
secure.adnxs.com/ 0
1 KB 8ms
8ms Image
application/javascript 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=32033999&t=1

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
an-x-request-uuid: 874d011c-fd34-449e-9ba1-e1ff015c215e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.135; 178.162.209.135; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 segment Show response
api.permutive.com/adv/v2/ 37 B
51 B 25ms
25ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b30e332b569a4d1d3e934db078b1548179ceb8de1c861f521f7c9f8c46433501

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 04:42:17 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
content-type: application/json

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CEA9 43 B
215 B 171ms
171ms Image
image/gif 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1806749&asId=2bd2dd32-5b07-bf0d-9d46-7e5f30f324eb&tv=%7Bc:1IDDka,time:823,type:e,im:%7Bpci:%7Btdr:565%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:823,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B818~0%5D,as:%5B818~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:264,fm:u1MsPN5+11%7C121%7C122%7C123%7C13%7C141%7C142%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c1%7C1d%7C1e*.1806749-77544531%7C1e1%7C1f.1806749-77544531%7C1f1,idMap:1e*,rmeas:1,rend:1,renddet:IMG.qs,siq:17,sis:178%7D&br=c
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A7E0
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

281 B
554 B

7ms
7ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Jan 2024 04:42:17 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 19 Jan 2024 04:42:17 GMT
location: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
server: AkamaiGHost

GET
H/1.1 200 auto-user-sync
ads.stickyadstv.com/ 43 B
497 B 95ms
20ms Image
image/gif 2607:ae80:4::25
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync?_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::25 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2024 04:42:17 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1705639337390070-501

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=714817281443e1daacbca339ceac1e&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

321ms
105ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=714817281443e1daacbca339ceac1e&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2024 04:42:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MM1X9W797QSC5R0C7ADV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Jan 2024 04:42:17 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=714817281443e1daacbca339ceac1e&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1705639337631015-520

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bridge3.613.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D445 753 KB
241 KB 14ms
13ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0fe83d875faf394978cd04227fb30838db2f4a9bd67e6862e6845c6eee1a09e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 180767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246576
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 02:29:30 GMT
expires: Thu, 16 Jan 2025 02:29:30 GMT
last-modified: Mon, 15 Jan 2024 20:36:05 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jan 2024 04:42:17 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DD1A 40 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 19 Jan 2024 05:05:19 GMT

GET
H2 200 v.php Show response
stg.truvidplayer.com/v5.832/ 299 KB
21 KB 264ms
264ms XHR
text/xml 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.832/v.php?st=xeoIDZPEbVRv1_A35AiQ-Q&e=1705725737&ver=5.832&adid=5f9c0f9f32477b3a15c5a470a366db4ea5831e10&videoUrl=https://vid324.trvdp.com/media/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d/hls/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d.m3u8&height=360&width=640&pageHref=https%253A%252F%252Frevistagalileu.globo.com%252F&videoId=9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d&d=revistagalileu.globo.com&wid=5384&suid=324&env_browser=Chrome%20120.0.6099
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 1ff0395cc92cbc3ffc7d442bb90bc169481c0d7e673c00df27e96076f7db92e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
x-amz-cf-id: Zgd0Hl9UcMz2l9vjRA3fTlRTklHEFn0z7H-D9QUuKKyKo-JCBk1cHg==

GET
H2 204 pixel.gif
p.trvdp.com/ 0
51 B 145ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkloKsf9JzxcKgeauScrHzl3czRY9BP2UGf51QPdZ7ehdQJ++k30t6qdRhIZHPHj60waAOjw8BAjqNS8Ggrw3JffVPIyuchI/j5tjrR092Gh1tBGfxNIQyHOCGHVbuvXgeds+4XTSjenia+JyXkHX45pjZcoyXosVO2Dij6RwAuM6ECLSExf4OyoH3VTtQRordajkyMP8HP4DA4tYj46iaut24unz1TpodOVDUJ/wg3fXl2cLGASkIs4iuz0PDAvXMnW2hi+hXnvpt4Z7Dx9+IaTaBT+DXb28AX9stUDaV/Aw==&cb=84847508
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx/1.6.2

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 41ED 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BKI40qP2pZbq3O6WD7_UPhrurwAkAAAAAOAHgBAI&bg=!ODulO3TNAAZVxkGXdcY7ADQBe5WfON71j_lI03cqjTtGb6yrITSe8rvsn8MBTPSvRFtmrM131SffC0Uf1WOyDe65d9CqAgAAAOJSAAAAAmgBB5kDBdhqvvUu8yRuJOcGQAuooPCIOm-60BLIwzIp6d-SrIS6bHPnataWu4T9lABFly8B4wIFA2HfHjpC1kVaAj2ZDdQkM7ccWR3NpaI1WWBo6BuQMZWv7PbRHneJzE3zrrCI4TGfkZ5gE9neCHruWhA4YycbbQitCpvnPJEc08XIMqymdpntCoGmP0N6lxjwuwUchZ4RqN6RLt8V3Q38qidtBiRxt_53p1rOpxcs7NmUoOPqZdk1SmtWOVfAjP7GHtM6z1hR8IWBHxlx1DMq23eZuZ7ogbT90bA50lgUaJoPZUaEUrmN8NcyRjygRD4bWbjfWCEeeb9PG6YPw_NOQqzjeZnB9IW4-bTxoub-0WYSOOBNfM_NAaE00Bdvx_R71BmcK56Od02GJObf79wFTJ0INWE5Y4nQtI1RUMHOo0eFkw_zL-1mCcMYx5R40kIErP1gZYYKrEoekoiJPz4tykpx_JRsz5oiQf6cjUZiSKoQIZP1ppqHYiTaU7oLPOFZ503PmGqYhXAPXWKmAdwMdhNkSL6yPrDR0LKxVSnX3-uUcM0Ked1CLzHFhxeTRzGoa7SO4OSNfacxIXKOezvVMdT5A665GMNSmONp6C8GH_d70ribawCSl5jD3ylmUcGPEjyJBrgyhaIE5516EDvJu42V_ec08FZBnme0Pgty78blbpOia7UPiVACr4_8xDuzDeWK66sMkLINbmyXFpaOUsh4PpVAdKxgrR1f99Azz0GInPVzg5jTGiw4BYtBL-MYp4xSI29LT7yOU0srEKQub9SeWxENDn0K5_FJFvP2NSqleEw1nJi08ibkUTaghzWLPQkjRIRej8GOE2u6YthhcyLpzvvDsszluxTRY8QwhuylwIG3-mKMIUsmCZ7JLfNItjR0uAK01gaq-B8rSa6_5Yk-brQJry3tRgoF3dVIWURoSZpqrweIwp5W5tewroaaCpvp9JO7zBDzVDWlo9pS-UJ5CC-wodwVr7-9QEaNwTpopxqml7z_nQFh1UeHuHD1QxcQzOBX1zSP

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A7E0 40 KB
11 KB 9ms
8ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bf560df25103ef77bdb911273007f0d36073f368670e39c460ba11979303cd07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:42:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2024 19:14:43 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52346
Connection: keep-alive
Content-Length: 10964
Expires: Fri, 19 Jan 2024 19:14:43 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame A7E0 7 B
380 B 10ms
10ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5653 43 B
215 B 171ms
171ms Image
image/gif 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1806749&asId=975841e1-4625-d8bc-444b-781277f881a6&tv=%7Bc:1IDDmf,pingTime:-10,time:694,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705639337276%7C%7C0cb6060b8aead3cab0f52dcc6cc9b0c8%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7Cb6a63d240a892f8da5808362c70de3fc%7C%7C13cd85e2126f3696a71dc5b0b4140a69%7C%7C9e0af65941da0e827c1c72c461148d61%7C%7C195d864a0a139fafd389a3bc9fa5f9d9%7C%7C28ae7216b55d009f18442af74208e18e%7C%7C1663701684,im:%7Bpci:%7Btdr:525%7D%7D,sca:%7Bspg:2bd2dd32-5b07-bf0d-9d46-7e5f30f324eb%7D%7D
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:ed8d:a1dd:8f8c:a667 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 bulk Show response
trc.taboola.com/editoraglobo-galileu/log/3/ 0
319 B 15ms
15ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-galileu/log/3/bulk?tvi48=14791&tvi50=-50&route=AM%3AAM%3AV&lti=trecs&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240118-41-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Fri, 19 Jan 2024 04:42:17 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7448
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230026-FRA
pragma: no-cache
server: nginx
x-timer: S1705639338.726295,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cmAdService.js Show response
vidstat.taboola.com/vpaid/units/33_7_3/infra/ 46 KB
12 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmAdService.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-mtime: 1704535345
date: Fri, 19 Jan 2024 04:42:17 GMT
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P5
age: 1103914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1704535345
x-amz-meta-mode: 33188
content-length: 11556
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Sat, 06 Jan 2024 10:02:26 GMT
server: AmazonS3
x-timer: S1705639338.765965,VS0,VE0
etag: "395c2d3a29b53f05f31fcb3046a9dd43"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: LSpxDgW8A_hZJ5Z9l1dsPchg2ABAbsUZLlTOpr0o2wxfJRgcDXJ2Ow==
x-cache-hits: 147376

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
711 B 7ms
6ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Fri, 19 Jan 2024 04:42:17 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 2739
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1705639338.804974,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 47
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 529

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoU8qJ6pdObNJc2nDPvRJ28eu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRfSVngVz8t7hj8V+Dg5LTg1g3TN4GlzIiHo2dll3L+QXS+v+m488pBcdXH6MsGUswFqOTIw/wc/gMDi1iPjqJq6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=93194468
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoU8qJ6pdObNJc2nDPvRJ28eu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRfSVngVz8t7hj8V+Dg5LTg1g3TN4GlzIiHo2dll3L+QXaIIqZ5uVi2fii9/tYy4hc9sKyxMcBAwV/1VP+m9mVD6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=36453422
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:17 GMT
server: nginx/1.6.2

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
655 B 284ms
210ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVVVBTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639337889&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td7_tt0_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
127 B 20ms
19ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 8d8951c6f69d1ea377f6c665d9db8b686687da95ed8cb449cd143b0bb40a7360

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109

POST
H2 204 csi
csi.gstatic.com/ Frame D445 0
234 B 768ms
268ms Ping
image/gif 2404:6800:4004:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lrk5mfup&c=7547676070816&slotId=3773838035408&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97VNJDRK9+3U+VJRi/MU6+Ciu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRYV3oo/LhpCU/9QUcu9aeTxg3TN4GlzIiHo2dll3L+QXS+v+m488pBcdXH6MsGUswFqOTIw/wc/gMDi1iPjqJq6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=27262295
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97VNJDRK9+3U+VJRi/MU6+Ciu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRYV3oo/LhpCU/9QUcu9aeTxg3TN4GlzIiHo2dll3L+QXaIIqZ5uVi2fii9/tYy4hc9sKyxMcBAwV/1VP+m9mVD6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=03899854
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
server: nginx/1.6.2

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
185 B 226ms
225ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVEGATRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639338186&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td7_tt0_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D445 0
54 B 535ms
271ms Ping
image/gif 2404:6800:4004:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lrk5mg8y&c=7547676070816&slotId=3773838035408&ghmsh_eids=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 121ms
112ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoQORUx4Fso7S4K+T7vzlBnOu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRTEFncSkoTdZKKIu5j9J//9pxaye5tBFabYNdKrkJTCQwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=84582457
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 121ms
111ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoQORUx4Fso7S4K+T7vzlBnOu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRTEFncSkoTdZKKIu5j9J//9pxaye5tBFabYNdKrkJTCQILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=72515506
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 309ms
309ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVVEATRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639338425&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td7_tt0_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5653 0
20 B 52ms
46ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2302723160046&version=m202309260101&ct=76&x=1&cor=13393482593217210000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEA9 0
20 B 44ms
44ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=122494188318&version=m202309260101&ct=76&x=1&cor=880530951580817200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 schemas Show response
horizon-schemas.globo.com/ 155 KB
15 KB 802ms
225ms XHR
application/json 186.192.81.117
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-schemas.globo.com/schemas
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.81.117 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-81-117.prt.globo.com
Software: /
Resource Hash: 8f587c7a9634e7a272eeaf801dae7462585dd13eae5431d780ed9c9a23f00263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-encoding: gzip
via: 2.0 CachOS
x-bip: 87853582 asra01mp11lx03ca10.globoi.com
age: 2374
content-length: 14852
x-request-id: 5b946684-5f5e-40fd-8372-8663790303e3
x-thanos: 0AB0D077
vary: Accept-Encoding, X-Forwarded-Proto, Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: max-age=7200, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: user,User-Agent,Content-Type,GLBID,GLBUID,GST

GET
H2 200 dw-check.html Show response
experiences.mrf.io/passexperience/ Frame 953C 3 KB
1 KB 66ms
20ms Document
text/html 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experiences.mrf.io/passexperience/dw-check.html?v=6

Requested by

Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 929578
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400, s-maxage=2592000
cf-cache-status: HIT
cf-ray: 847c690ada45773f-AMS
content-encoding: gzip
content-type: text/html
date: Fri, 19 Jan 2024 04:42:18 GMT
last-modified: Mon, 08 Jan 2024 08:31:32 GMT
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 57ms
57ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bbc8e859257b3bb052685f0a1ee727b99e8b57a04347a1f63e48a843468062e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12211
x-xss-protection: 0

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 32ms
14ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:09:15 GMT
content-encoding: gzip
age: 16383
x-guploader-uploadid: ABPtcPqcIAE9NfLhBeKJHVjMhKkGN0BQJnARdQEoKLmIbFmVuhi1Hy9ykcNGqHC96TtYlsUWEm8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6116
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash: crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation: 1694696370171925
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6116
accept-ranges: bytes
expires: Sat, 20 Jan 2024 00:09:15 GMT

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
788 B 20ms
20ms Ping
application/json 141.94.254.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.254.117 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy07.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H2 200 pub-6775984018762070 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 104ms
43ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-6775984018762070?ers=1

Requested by

Host: revistagalileu.globo.com
URL: https://revistagalileu.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a64fbb08fa2bd716e5f8ff8328ae512c762adf8e67ac869147da83c5b58f783f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BIt5BLxRyidNJ-AUA1Zk6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-BIt5BLxRyidNJ-AUA1Zk6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 21ms
21ms Image
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1279394781&rv=41h0&u=AAAAAAAIAAAAACAAAAAAAABA&h=Ag&gtm=45je41h0v884772483&ccid=84772483&cid=G-J1Q87VHPK9&l=G-J1Q87VHPK9.L3906.S16.B13.E2760.I3875.EC10.TC11.HTC0~gtm.init.S0.V0.E36.TS5ccdconversionmarking.TI3.TE0.TS5ccdemdownload.TI5.TE0.TS5ccdemoutboundclick.TI6.TE0.TS5ccdempageview.TI7.TE0.TS5ccdemscroll.TI8.TE0.TS5ccdemsitesearch.TI9.TE0.TS5ccdemvideo.TI10.TE0.TS5ccdgaregscope.TI11.TE0.TS5setproductsettings.TI12.TE0.TS5ogtgooglesignals.TI13.TE0~gtm.js.S0.V0.E30.TS5gct.TI1.TE0~gtm.dom.S0.V0.E17~*.S0.V0.E36~*.S0.V0.E20~*.S0.V0.E21~*.S0.V0.E32~*.S0.V0.E24~gtm.load.S0.V0.E6~gtm.init_consent.S0.V0.E29~GA2783.3147.3406.3444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 95ms
82ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 04:42:18 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 14ms
14ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 23:41:44 GMT
content-encoding: gzip
age: 18034
x-guploader-uploadid: ABPtcPrQ2GeuGSTGDm4QE6pRQKVSCRctN7d6RYCL1Y7NSCk4OflFBdfQMbtpKEkBRJ6h3Sw506Y
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash: crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation: 1694696370056280
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8334
accept-ranges: bytes
expires: Fri, 19 Jan 2024 23:41:44 GMT

GET
H2 200 trk
tt-12842-2.seg.t.tailtarget.com/ 70 B
613 B 157ms
113ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-12842-2.seg.t.tailtarget.com/trk?tA=TT-12842-2&tJ=_channel:ed-revistagalileu:1&tK=1705639339&tM=direct&tL=direct&tN=direct&tY=3&tZ=514283851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 u Show response
b.t.tailtarget.com/ 72 B
344 B 149ms
109ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_ttGlobo
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 83a06f5a3d11b80289a75fa46aaf06eabe8b62a43ae157675f10c90b15b9124e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 04:42:18 GMT

POST
H3 201 usage Show response
api.permutive.com/v2.0/tpd/ 0
36 B 19ms
19ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/tpd/usage?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97fIF5dCxYyh+dZ19eYXr3GOu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRVw3x9lJZ46CNiP5LYCaB5RDukXSb9i5PP3P/BjFekcHwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=34940460
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97fIF5dCxYyh+dZ19eYXr3GOu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRVw3x9lJZ46CNiP5LYCaB5RDukXSb9i5PP3P/BjFekcHILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=38331341
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 257ms
257ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVEBATRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639338741&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td8_tt1_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 171C 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 49460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 14:57:58 GMT
expires: Fri, 17 Jan 2025 14:57:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 516B 829 B
1 KB 23ms
22ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

364123bfeb9c735b8681b106b82dd807dabf24e8144e6d0a4e96d4decc2c1785

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MP1uJMWejoYn5ttPknzv1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-MP1uJMWejoYn5ttPknzv1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:18 GMT
expires: Fri, 19 Jan 2024 04:42:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 171C 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 12:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 12:55:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 516B 0
0 44ms
44ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401110101&jk=2501753496430904&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H3 204 AGSKWxXUQJTjPZOqwtEwWxTcthoYQJkPj_fXDVJ1FgN04XJpYt1dHmd1XZuvgp60dpM_sGmKLAPyBlikJIwNoISPJqTXBNWoWG5zhFgC7j-a63Afulvs9XB0rKI3cJ5MamNF0BxyguMI2w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
26ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXUQJTjPZOqwtEwWxTcthoYQJkPj_fXDVJ1FgN04XJpYt1dHmd1XZuvgp60dpM_sGmKLAPyBlikJIwNoISPJqTXBNWoWG5zhFgC7j-a63Afulvs9XB0rKI3cJ5MamNF0BxyguMI2w==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LIqc41BJ5a0.es5.O/am=wA/d=1/rs=AJlcJMyuHDquIDjtBjzFOiABIt8N5YwY7Q/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NmvO94BR1UppagwczIf4pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NmvO94BR1UppagwczIf4pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://revistagalileu.globo.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXFYu2kLG2wONHUvfm6BDEQOGR962KdocWY-tw9vsY7O89dwkChhoc6SoKT1N7tSmg9v3BYTVXhilxo6xp3rEk1KUyXu_myuLOeOcDqs4l9-3eeJM_M4GbAatJhq8VmEnyMgXITWQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXFYu2kLG2wONHUvfm6BDEQOGR962KdocWY-tw9vsY7O89dwkChhoc6SoKT1N7tSmg9v3BYTVXhilxo6xp3rEk1KUyXu_myuLOeOcDqs4l9-3eeJM_M4GbAatJhq8VmEnyMgXITWQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1NjM5MzM4LDgwOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yZXZpc3RhZ2FsaWxldS5nbG9iby5jb20vIixudWxsLFtbOCwiTElxYzQxQko1YTAiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbNywiNCJdLFsxMSwiW251bGwsbnVsbCxbMzEwNzQwOTFdXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e81333f45f53e1b07a0588af84e1d03e7ce0a00f16d8d76d3140698155e15fe9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-N0x88VuHQ_qY2j8KrlWUfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-N0x88VuHQ_qY2j8KrlWUfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 171C 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?aaCYNw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 recirculation.php
events.newsroom.bi/ 12 B
0 57ms
20ms Fetch
application/json 141.94.254.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.254.117 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy07.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H2 200 b Show response
b.t.tailtarget.com/ 150 B
581 B 115ms
114ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-12842-2&tY=1&tS=1&tU=0100007FAAFDA965DC067C3002B56715&tX=b.52&tZ=858077632&env=_ttq_ttGlobo
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 74b673d72b59d4fef0b570b4fdcbc1eecd834a87cbc4a281a16a219580ea6a63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sdk-runtime-config.js Show response
buy.tinypass.com/api/v3/anon/assets/ 266 B
327 B 17ms
17ms XHR
application/json 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=VnaP3rYVKc

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

102cd25fc6789b28bf4d85183c57014407b4cd483ee7d28b0cf63dc85d40804c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:18 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 14021
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: M1xgh7sNEkJ
wn: prod-dash-10-0-86-169
last-modified: Fri, 19 Jan 2024 00:48:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.006
cache-control: public, max-age=14400
cf-ray: 847c690caf6a8fd7-FRA
expires: Fri, 19 Jan 2024 08:42:18 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoQ7uNy9CxVZ6BxLAB+qD1QOu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRWK/JKB/Pmu3uxrtAAlbLixDukXSb9i5PP3P/BjFekcHwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=52000298
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoQ7uNy9CxVZ6BxLAB+qD1QOu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRWK/JKB/Pmu3uxrtAAlbLixDukXSb9i5PP3P/BjFekcHILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=25689410
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 289ms
288ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVVVATRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639339010&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td8_tt1_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ca Show response
tt-12842-2.seg.t.tailtarget.com/ 86 B
124 B 114ms
114ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-12842-2.seg.t.tailtarget.com/ca?tZ=590341871&env=_ttq_ttGlobo
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 176bc582549497027595daa8723974b4e3f454c5767079029331d62ebe7e5e26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 18873
dmp.t.tailtarget.com/seg/tailtarget/TT-12842-2/ 43 B
93 B 189ms
112ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.t.tailtarget.com/seg/tailtarget/TT-12842-2/18873
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
290 B 127ms
112ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-12842-2&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1705639339003_2997014919&tJ=CA18873&tQ=ed-revistagalileu&tU=0100007FAAFDA965DC067C3002B56715&tX=b.52&tY=1&tZ=701978547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 20ms
20ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 Jan 2024 04:42:19 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D153 14 KB
6 KB 16ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=revistagalileu.globo.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 04:42:19 GMT
server: Kestrel
server-processing-duration-in-ticks: 1171460
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 50ms
25ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 Jan 2024 04:42:19 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D153
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=globo.com&sn=ChromeSyncframe&so=3&topUrl=revistagalileu.globo.com&bundle=mXihpV9yT1dJWmdPVUZNRTR4NElINUV5dGJ6MG9veFpQVXpIMVRqTzFmV3o3Q0FOc...
https://mug.criteo.com/sid?cpp=juayEnxxclZMbitlYkdsWUlhS2pDVzFDSTVLamV1T1hMUjZDb1dLOEFlMmFwa2dacFUwWWxzcDdhUC85TjZMR2dId3l0M0JPMFRpc3g3WlVGaDlxQVVsbFhpck5kL0JCTXR0bFpIV1F4Y3V0Y1dzbjV2UU5US2lBZ2JoZ0...

436 B
658 B

14ms
14ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=juayEnxxclZMbitlYkdsWUlhS2pDVzFDSTVLamV1T1hMUjZDb1dLOEFlMmFwa2dacFUwWWxzcDdhUC85TjZMR2dId3l0M0JPMFRpc3g3WlVGaDlxQVVsbFhpck5kL0JCTXR0bFpIV1F4Y3V0Y1dzbjV2UU5US2lBZ2JoZ0Y3eE1CM2kxR1oxUGVsaTN3Yy9MT0ZDak1SYUsyRU1nZ05DZXNUNTN1UStlY0hKZHhJMXVWTndYVy9MSW8xRi94ZVh5RzFoUk9oVTM1SmxDSHU2QUN1b3pRNGFqbG5vN21Ta1JWT1d0QmRsL1d4ZmFpTnpvNUdaeFd5RWo1eVVuZCs5alp1SUpsa0N2bk1oSFF5cnd6cVl1UWxCZVNvVWQxbmhER1J4eHAzNXlRa1luc1JQZz18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eb5264df06782a4b9c74398b0925234d7e7635dc7fd4ae909300af7e29dad5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:18 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 740681
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=juayEnxxclZMbitlYkdsWUlhS2pDVzFDSTVLamV1T1hMUjZDb1dLOEFlMmFwa2dacFUwWWxzcDdhUC85TjZMR2dId3l0M0JPMFRpc3g3WlVGaDlxQVVsbFhpck5kL0JCTXR0bFpIV1F4Y3V0Y1dzbjV2UU5US2lBZ2JoZ0Y3eE1CM2kxR1oxUGVsaTN3Yy9MT0ZDak1SYUsyRU1nZ05DZXNUNTN1UStlY0hKZHhJMXVWTndYVy9MSW8xRi94ZVh5RzFoUk9oVTM1SmxDSHU2QUN1b3pRNGFqbG5vN21Ta1JWT1d0QmRsL1d4ZmFpTnpvNUdaeFd5RWo1eVVuZCs5alp1SUpsa0N2bk1oSFF5cnd6cVl1UWxCZVNvVWQxbmhER1J4eHAzNXlRa1luc1JQZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 353131
content-length: 0
expires: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97V82jELlGY+k14rVPAMpTqKu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRbEedXQRvtGXiEtpmWHTxcYZzhot0SyIu41octV/2mwL2wrLExwEDBX/VU/6b2ZUPuq1/hIfo8XV537Nl4VRw5EbOwqJyZjzWAW/Y1q5J0z2038YVDB2bn4HbFXtdgFvlxm/u+nMHegyamk0YZSh9v4=&cb=33715444
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97V82jELlGY+k14rVPAMpTqKu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRbEedXQRvtGXiEtpmWHTxcYZzhot0SyIu41octV/2mwLWo5MjD/Bz+AwOLWI+Oomrit77Wi9GWtipmKd4YD93FQbOwqJyZjzWAW/Y1q5J0z2038YVDB2bn4HbFXtdgFvlxm/u+nMHegyamk0YZSh9v4=&cb=42087418
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 362ms
362ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVEIVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639339310&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td8_tt1_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
48ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401110101&jk=2501753496430904&bg=!HxylHFPNAAa8BdJLnAU7ADQBe5WfOCni9UT4-92VM89tyXXv-tKUT0-ElzqvWNjdNCapjhre7MQUt3jiNoDLzW7VoLRbAgAAAEpSAAAAA2gBBwoAgoFUaGkRCM49bSTQyErtH_VZEgSd2P3DHDciA3ai6nLTj2nBbX59XNY4LxlD6A0c1gVL_q4jWWZw3V9OSIKNaJOI-JYpe2wnvDYJGirO34bnV1L9io3fukZ83AI6B5MWaI5o3lDFvn9BNOlF30e0lrROYbpnFmvOd2nOT3koZ-4iSyyZAsE-gMBRDLuyMznGbPZvXCBRFWYC0kyn5dpUCZjFzAZf8X01aK6sHh8HbMkOB7IJK-s1qT35StuW7go1ct_L__WjzuVxLst9E_WczVsnzy0QVMCJqPc3iXjP7PqTAbZgAdaE4u0A9e2sCoCvnirDxLPEbKyY2nfFOVIZWCNGrcI8O7BQBskjLsJTlnl8jawpJ1alI9q7X9nMerDqSrK_7lZPkUKY4Y5pe4q3URDC5YEPrS06vR8uouR2L_ytRrcfYG685o9Htr8q9ti8AUL-8UIOaj7Dh-rTHkvDru-GTSjYLQotAg56Wk52hZMbZLgSqKoFxO4qbl7-cbcbWJvYc5i4NJ7XeAvKjV5lUyjyg8gEJSBiQbKl2F7eLfCVr-bOLyL6UD8ri5GTtDLFW2Jv29vGlTiZevFUqW9L_8e4CNwiKv9dj0H_S9g_DL61OIUOMjSVSLlxkfqDeQYqp_rOvNqddww6yzjYTufCwM-fm6LEsDgC4EYx7JG3guHTpWMumJjkoQfMPpPOYVBv8krp2Lgn6LkJ4KFZ6QsV7fntgdak6UWD6aOHQiNzdnmz3vdu1jg0DRt3xBNAftM_cyYWl2IQjUmSTwaDmuZmCExX29OOZyAb2BKkoxTyAb8sVlVotk-_PlS0j_SYAFu2QHIfbk2S1F1XnD1VKUTL-6tCox3RU-1sCSNXLHc9qsiXcEAgXvvQbgEgGQ3KSEG8qSxmAdHkF0uHIncSCn1DtaiG-5vTuJXAc247IHLsKGhiR3SHlqRSJsJ2wyEfiX1JW8rYXMNiVLNkMkI_Bidch8Ng7o2VbeNJMUPE5SrEx5ILy5RxyVxrTIPpkoxWCV90RueY3nNH51JRW8kABTXV1ulzslvxLVOp162Vh1uedxx7pEKxsTdjcOsg6zJUJqiapHZjd6g6G4UMT1qsnkftL1vj2JNaYMs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 adb.js Show response
fundingchoicesmessages.google.com/f/AGSKWxXcmCa1Hn9QdoYDRVyl4w1L48Boci8D6mLNqavwE-yZ6cZQWBmd0CLPMuE7OuW-WIBlfGjh4f8ceh4ObnQeScVk0sHhj_2n-xbL5DALmFPNDzTDhqEPib9VesR6jLbe6A-ZEUptMVRC8St4h8NGRpYgpCObB... 54 B
109 B 43ms
43ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXcmCa1Hn9QdoYDRVyl4w1L48Boci8D6mLNqavwE-yZ6cZQWBmd0CLPMuE7OuW-WIBlfGjh4f8ceh4ObnQeScVk0sHhj_2n-xbL5DALmFPNDzTDhqEPib9VesR6jLbe6A-ZEUptMVRC8St4h8NGRpYgpCObBGwtgzrulFHMK51DXP_h7_lUpXW6wS4b/_/ads/right./www/ad__160x350./adb.js?tag=/ad/loading.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LIqc41BJ5a0.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx-Hs0eiopJhgDZxv-jwMMm8fYViw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f067b016302662862dd78d7f9059546800c1fe165953e44205e75bf8df299207

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yW8mhO9ry8f6MCHh4QAXlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-yW8mhO9ry8f6MCHh4QAXlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 03:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 04:52:22 GMT

POST
H3 204 AGSKWxXUQJTjPZOqwtEwWxTcthoYQJkPj_fXDVJ1FgN04XJpYt1dHmd1XZuvgp60dpM_sGmKLAPyBlikJIwNoISPJqTXBNWoWG5zhFgC7j-a63Afulvs9XB0rKI3cJ5MamNF0BxyguMI2w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 25ms
24ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXUQJTjPZOqwtEwWxTcthoYQJkPj_fXDVJ1FgN04XJpYt1dHmd1XZuvgp60dpM_sGmKLAPyBlikJIwNoISPJqTXBNWoWG5zhFgC7j-a63Afulvs9XB0rKI3cJ5MamNF0BxyguMI2w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xT9E2NlDuRVx8jwum8a7Cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xT9E2NlDuRVx8jwum8a7Cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYHEVn8HqC8RTAmewzgFip_QZrAFALMTDsfr38rVsAjtOHnjLCAC0-x6l"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXUQJTjPZOqwtEwWxTcthoYQJkPj_fXDVJ1FgN04XJpYt1dHmd1XZuvgp60dpM_sGmKLAPyBlikJIwNoISPJqTXBNWoWG5zhFgC7j-a63Afulvs9XB0rKI3cJ5MamNF0BxyguMI2w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 27ms
27ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXUQJTjPZOqwtEwWxTcthoYQJkPj_fXDVJ1FgN04XJpYt1dHmd1XZuvgp60dpM_sGmKLAPyBlikJIwNoISPJqTXBNWoWG5zhFgC7j-a63Afulvs9XB0rKI3cJ5MamNF0BxyguMI2w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DHR_w0CiyhoHT9t9idDz1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-DHR_w0CiyhoHT9t9idDz1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXUQJTjPZOqwtEwWxTcthoYQJkPj_fXDVJ1FgN04XJpYt1dHmd1XZuvgp60dpM_sGmKLAPyBlikJIwNoISPJqTXBNWoWG5zhFgC7j-a63Afulvs9XB0rKI3cJ5MamNF0BxyguMI2w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 25ms
24ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXUQJTjPZOqwtEwWxTcthoYQJkPj_fXDVJ1FgN04XJpYt1dHmd1XZuvgp60dpM_sGmKLAPyBlikJIwNoISPJqTXBNWoWG5zhFgC7j-a63Afulvs9XB0rKI3cJ5MamNF0BxyguMI2w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Mw9VRYnIhwf4E3KYaIOF1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-Mw9VRYnIhwf4E3KYaIOF1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://revistagalileu.globo.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXUQJTjPZOqwtEwWxTcthoYQJkPj_fXDVJ1FgN04XJpYt1dHmd1XZuvgp60dpM_sGmKLAPyBlikJIwNoISPJqTXBNWoWG5zhFgC7j-a63Afulvs9XB0rKI3cJ5MamNF0BxyguMI2w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 30ms
30ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXUQJTjPZOqwtEwWxTcthoYQJkPj_fXDVJ1FgN04XJpYt1dHmd1XZuvgp60dpM_sGmKLAPyBlikJIwNoISPJqTXBNWoWG5zhFgC7j-a63Afulvs9XB0rKI3cJ5MamNF0BxyguMI2w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NygppRYQgn1_xBioItos0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-NygppRYQgn1_xBioItos0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://revistagalileu.globo.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUvSz14cy9WcQ8zqq_GFp0CnggE-xaxfM93Nppw5oXrDEL7mWDNfeNoiRbK0wa2zntEO5K8sNSNliaowlNCmm0Yq73fsgV-SFe2rARFBdlt4nCrcn-a9LtucJyvPDskOhTIU93T9g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUvSz14cy9WcQ8zqq_GFp0CnggE-xaxfM93Nppw5oXrDEL7mWDNfeNoiRbK0wa2zntEO5K8sNSNliaowlNCmm0Yq73fsgV-SFe2rARFBdlt4nCrcn-a9LtucJyvPDskOhTIU93T9g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1NjM5MzM5LDUyODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcmV2aXN0YWdhbGlsZXUuZ2xvYm8uY29tLyIsbnVsbCxbWzgsIkxJcWM0MUJKNWEwIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjQiXSxbMTEsIltudWxsLG51bGwsWzMxMDc0MDkxXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08a4dc20042a1c4c325dffa3498da910b66f8a1f7a246702eb1a4f4b75268605

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Dos_z7jUBb9PdjKMluuKsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Dos_z7jUBb9PdjKMluuKsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUmrP4299Kw6wZffY-dCUQBJxDr3amM6npGfgOqrTr_GbHIFMz3lSS3RNM7WdPFofDXjNx7qgVrVaH5uprspdajY4RB6X40YaNgIX39uVICb0cD_36kewstzGEWBpHCvb5NDvAJmg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 26ms
26ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUmrP4299Kw6wZffY-dCUQBJxDr3amM6npGfgOqrTr_GbHIFMz3lSS3RNM7WdPFofDXjNx7qgVrVaH5uprspdajY4RB6X40YaNgIX39uVICb0cD_36kewstzGEWBpHCvb5NDvAJmg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-L4erzTwN7vsRiun8d0nUug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-L4erzTwN7vsRiun8d0nUug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://revistagalileu.globo.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoTCgGuszzuvj56lszWwwk5eu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRfco2pL/FfEupXCB+rbFDOQZzhot0SyIu41octV/2mwL2wrLExwEDBX/VU/6b2ZUPuq1/hIfo8XV537Nl4VRw5EbOwqJyZjzWAW/Y1q5J0z2038YVDB2bn4HbFXtdgFvlxm/u+nMHegyamk0YZSh9v4=&cb=48651583
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoTCgGuszzuvj56lszWwwk5eu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRfco2pL/FfEupXCB+rbFDOQZzhot0SyIu41octV/2mwLWo5MjD/Bz+AwOLWI+Oomrit77Wi9GWtipmKd4YD93FQbOwqJyZjzWAW/Y1q5J0z2038YVDB2bn4HbFXtdgFvlxm/u+nMHegyamk0YZSh9v4=&cb=05959814
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 223ms
222ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVVIVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639339680&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td9_tt2_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 editoraglobo
horizon-track.globo.com/event/ 0
341 B 421ms
113ms Ping
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-track.globo.com/event/editoraglobo
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 33.79.211.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryxmPKng2EH3PLZrPt

Response headers

date: Fri, 19 Jan 2024 04:42:20 GMT
x-served-from: hzt-tsuru
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
access-control-allow-headers: user,User-Agent,Content-Type,GLBID,GLBUID,ADVERTISING_ID,EXT_ID,globoId
content-length: 0

POST
H2 200 recirculation.php
events.newsroom.bi/ 12 B
0 20ms
20ms Fetch
application/json 141.94.254.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.254.117 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy07.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97Vy5uszx9sCRWsaZl+SRFSuu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRcBg/P+aHI+qA8IQHjE4gCkFpL/XS6n3JDUtuF2LFFt/2wrLExwEDBX/VU/6b2ZUPgDqLhrDPec2v3OpiGhfzKPFENWTRXJQ1bhy2dd3TDmsiEssKvzQSRgW99IdNG5fYPetTW1VG0aonE08hjiN7t8=&cb=82602915
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97Vy5uszx9sCRWsaZl+SRFSuu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRcBg/P+aHI+qA8IQHjE4gCkFpL/XS6n3JDUtuF2LFFt/F3HZOstDfNv1HQozQYeXxdXALHgM1WNDdp0kWkWlWLzFENWTRXJQ1bhy2dd3TDmsiEssKvzQSRgW99IdNG5fYPetTW1VG0aonE08hjiN7t8=&cb=60732745
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:19 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 172ms
172ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVEHVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639339911&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td9_tt2_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoeJ97NgDH4qg9x9zyxW405Ku7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRZCNi6/y9hTEf9OAM78oOur3KRAgxvRxi4anHYMHm7P6wM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=12689888
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:20 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoeJ97NgDH4qg9x9zyxW405Ku7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRZCNi6/y9hTEf9OAM78oOur3KRAgxvRxi4anHYMHm7P6ILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=49167510
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:20 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 298ms
298ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVVHVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639340089&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td9_tt2_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97fG7/FotIBxRUGQg7Yyv1Keu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRcNXopesfaZ8HcuPoVKnkzaiFZo1NzWuHRN5VavjeW/FwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=81180575
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:20 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97fG7/FotIBxRUGQg7Yyv1Keu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRcNXopesfaZ8HcuPoVKnkzaiFZo1NzWuHRN5VavjeW/FILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=30411055
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:20 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 262ms
261ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVEGVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639340396&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td9_tt2_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoV0ChAgbnsORO7KpkH9RDSKu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRZUhBP01MYeldkKERFbHjegP0YeZnKz5A4AoRAfOCbijwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=11570273
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:20 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoV0ChAgbnsORO7KpkH9RDSKu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRZUhBP01MYeldkKERFbHjegP0YeZnKz5A4AoRAfOCbijILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=05505663
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:20 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 332ms
332ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVVGVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639340666&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td10_tt3_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoUNW9+kur0FqQ2nG3ZsgG+mu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRWnOWm6mKnnAMZtFJPCafaBpxaye5tBFabYNdKrkJTCQwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=12866219
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:21 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoUNW9+kur0FqQ2nG3ZsgG+mu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRWnOWm6mKnnAMZtFJPCafaBpxaye5tBFabYNdKrkJTCQILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=94592142
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:21 GMT
server: nginx/1.6.2

POST
H2 200 mbox
vidanalytics.taboola.com/putes/ 2 B
221 B 103ms
77ms Ping
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidanalytics.taboola.com/putes/mbox
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 19 Jan 2024 04:42:21 GMT
via: 1.1 varnish
x-backend-name: 5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00101
server: nginx
x-timer: S1705639341.035356,VS0,VE71
x-cache: MISS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2
x-served-by: cache-fra-eddf8230026-FRA

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 428ms
428ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVEFVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639341008&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td10_tt3_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 41ms
15ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frevistagalileu.globo.com%2F&domain=revistagalileu.globo.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://revistagalileu.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 19 Jan 2024 04:42:20 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 212338
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
382 B 14ms
14ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frevistagalileu.globo.com%2F&domain=revistagalileu.globo.com&cw=1&pbt=1&lsw=1

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 265730
expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A2EC 281 B
554 B 7ms
7ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Jan 2024 04:42:21 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 64DF 52 KB
17 KB 38ms
9ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://revistagalileu.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 83746
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 19 Jan 2024 04:42:21 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 05 Jan 2024 05:26:09 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1803, 429656
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230096-FRA
X-Timer: S1705639341.166854,VS0,VE0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A2EC 40 KB
11 KB 8ms
8ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bf560df25103ef77bdb911273007f0d36073f368670e39c460ba11979303cd07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:42:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2024 19:14:43 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52342
Connection: keep-alive
Content-Length: 10964
Expires: Fri, 19 Jan 2024 19:14:43 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 64DF 0
765 B 7ms
6ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:21 GMT
an-x-request-uuid: ba096f41-530b-47ee-acd7-c5266486cfae
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.135; 178.162.209.135; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 16ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-J1Q87VHPK9&gtm=45je41h0v884772483z8893492913&_p=1705639333133&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2089446785.1705639333&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1705639335&sct=1&seg=0&dl=https%3A%2F%2Frevistagalileu.globo.com%2F&dt=Galileu&_s=2&tfd=12054
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-J1Q87VHPK9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97Z1JT6ZDbMdfVG0ZMZhCIAGu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRfG+D7T/gpP6+Cp3tUDhFhoZTv7I1gxN/nGaTFI9Av8GwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=27233556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:21 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97Z1JT6ZDbMdfVG0ZMZhCIAGu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRfG+D7T/gpP6+Cp3tUDhFhoZTv7I1gxN/nGaTFI9Av8GILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=30434624
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:21 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 264ms
264ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FEBFVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639341445&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td10_tt3_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 8ms
7ms Preflight 52.29.17.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.17.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-17-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://revistagalileu.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 19 Jan 2024 04:42:21 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 8ms
7ms Fetch 52.29.17.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.17.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-17-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 04:42:21 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 8ms
8ms Preflight 52.29.17.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.17.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-17-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://revistagalileu.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 19 Jan 2024 04:42:21 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 8ms
8ms Fetch 52.29.17.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.17.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-17-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 04:42:21 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 8ms
7ms Fetch 52.29.17.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.17.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-17-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 04:42:21 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 7ms
7ms Preflight 52.29.17.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.17.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-17-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://revistagalileu.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 19 Jan 2024 04:42:21 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 7ms
7ms Preflight 52.29.17.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.17.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-17-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://revistagalileu.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 19 Jan 2024 04:42:21 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 14ms
14ms Fetch 52.29.17.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.17.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-17-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 04:42:21 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoUWjWhcic9LQszkUlglYqACu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRWUq+pdOXxRpsCS+cAG/S1mXNSxWxIUciMD+Q2npUxi6wM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=94435570
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:21 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoUWjWhcic9LQszkUlglYqACu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRWUq+pdOXxRpsCS+cAG/S1mXNSxWxIUciMD+Q2npUxi6ILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=75161481
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:21 GMT
server: nginx/1.6.2

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 8ms
7ms Fetch 52.29.17.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_galileu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.17.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-17-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 04:42:21 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 7ms
7ms Preflight 52.29.17.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.17.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-17-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://revistagalileu.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 19 Jan 2024 04:42:21 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 299ms
298ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVVFVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639341718&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td11_tt4_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 101ms
101ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97dP/THk8+Tml2MxgMDdRJGiu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRfN/YYbBjPTDTkICHaFxtfJDukXSb9i5PP3P/BjFekcHwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=36377018
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:22 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 101ms
101ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97dP/THk8+Tml2MxgMDdRJGiu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRfN/YYbBjPTDTkICHaFxtfJDukXSb9i5PP3P/BjFekcHILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=66784732
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:22 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 293ms
293ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVEEVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639342024&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td11_tt4_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 64DF 0
766 B 7ms
7ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:22 GMT
an-x-request-uuid: 61d0172e-ed6f-4528-9741-bc9d6ed5970e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.135; 178.162.209.135; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eofayJDgUDjrBgW8ZJPpE6wKu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRcrc1Xf+OENlGe2fZZyPLjivQePs+LphJFEL1QwHTokrwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=27159599
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:22 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eofayJDgUDjrBgW8ZJPpE6wKu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRcrc1Xf+OENlGe2fZZyPLjivQePs+LphJFEL1QwHTokrILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=24483236
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:22 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 334ms
334ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVVEVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639342324&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td11_tt4_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
767 B 49ms
48ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=368&height=207&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1705639342558&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1589&pt=2046099043&tz=60&viewable=true&ddast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2768435&dpubid=375975&abtst=adxsub-out_vA!adxsub-out_vB!aniviewPrebidInteg_vB!iiqwfcontrol_vB!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Frevistagalileu.globo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d9e3eb7df3449a2197334b909b58e0f40ad7f1ae07814b08b8df833b30183244

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 19 Jan 2024 04:42:22 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1412
x-cache: MISS
x-served-by: cache-fra-eddf8230026-FRA
pragma: no-cache
server: nginx
x-timer: S1705639343.560874,VS0,VE38
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97USXIZAuUOEvURoQZ3Mbk6yu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRbJF1SBa6rCSH88AVNHSGJQP0YeZnKz5A4AoRAfOCbijwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=26166042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:22 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97USXIZAuUOEvURoQZ3Mbk6yu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRbJF1SBa6rCSH88AVNHSGJQP0YeZnKz5A4AoRAfOCbijILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=57275136
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:22 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 302ms
301ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVEDVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=586713036541497&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639342664&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td12_tt5_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoTS4aOGRV9HQZQJmUVpfCU2u7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRds4yO6FtsMorzjsurJU9ZBpxaye5tBFabYNdKrkJTCQwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=28828736
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:23 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoTS4aOGRV9HQZQJmUVpfCU2u7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRds4yO6FtsMorzjsurJU9ZBpxaye5tBFabYNdKrkJTCQILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=09571632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:23 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 290ms
290ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVVDVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639342975&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td12_tt5_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1.jpg
s2-galileu.glbimg.com/hp5STYF5DEX4YOth7eWzOd4poiU=/0x0:3000x2000/1200x600/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/t/9/VqH1vGQdamsl... 98 KB
99 KB 225ms
225ms Image
image/avif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-galileu.glbimg.com/hp5STYF5DEX4YOth7eWzOd4poiU=/0x0:3000x2000/1200x600/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_fde5cd494fb04473a83fa5fd57ad4542/internal_photos/bs/2024/t/9/VqH1vGQdamslw52XhQSA/1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 2da69c31da6ce551ea123d6e2ca0765e11559a6a00ec6592bb8454ce365ceaa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:41:58 GMT
via: 2.0 CachOS
x-bip: 485989365 ra01 14 03 02
age: 31020
x-cache-server: thumbor/nginx-cache
content-length: 100818
x-cached: MISS
x-request-id: 7cdb0716-cd3b-4b8f-827d-82291aad7c0d
x-forwarded-host: s2-galileu.glbimg.com
x-thanos: 0AB0D090
etag: "3f4a6304b514144ac7c8c10010c7548bd34c86bc"
vary: Origin, Accept
content-type: image/avif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 17 Feb 2024 20:05:22 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97eqQLhxqxCKUuR8Ow+vKuVyu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRegROHhcaDAlmKRmp5ac/ghDukXSb9i5PP3P/BjFekcHwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=26357707
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:23 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97eqQLhxqxCKUuR8Ow+vKuVyu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRegROHhcaDAlmKRmp5ac/ghDukXSb9i5PP3P/BjFekcHILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=00894551
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:23 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 275ms
275ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVECVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639343274&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td12_tt5_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 102ms
102ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoe3AAyCM2Jh/gxjW4A66SZCu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRRwgKrZVH43F8YqsFYYluY4ZTv7I1gxN/nGaTFI9Av8GwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=90719088
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:23 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 554ms
554ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoe3AAyCM2Jh/gxjW4A66SZCu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRRwgKrZVH43F8YqsFYYluY4ZTv7I1gxN/nGaTFI9Av8GILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=44082813
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:23 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 347ms
347ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVVCVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639343557&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td13_tt6_pd13_la13000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 199ms
199ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97drXOFW3j+9NYA5GETt9ZYWu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRW+cNVYqn4+WRs9byecE2oKXNSxWxIUciMD+Q2npUxi6wM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=41260992
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:23 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 199ms
199ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97drXOFW3j+9NYA5GETt9ZYWu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRW+cNVYqn4+WRs9byecE2oKXNSxWxIUciMD+Q2npUxi6ILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=14098919
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:23 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 308ms
308ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVEBVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639343914&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td13_tt6_pd13_la13000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 recirculation.php
events.newsroom.bi/ 12 B
0 20ms
20ms Fetch
application/json 141.94.254.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.254.117 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy07.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jan 2024 04:42:24 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
98ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoehyoxqG8t1lRHZkHkOe3Giu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRf7CwGd5bWsDQTlrsBFLUBSvQePs+LphJFEL1QwHTokrwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=90205405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:24 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
98ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoehyoxqG8t1lRHZkHkOe3Giu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRf7CwGd5bWsDQTlrsBFLUBSvQePs+LphJFEL1QwHTokrILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=45422197
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:24 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 316ms
316ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVVBVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639344232&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td13_tt6_pd13_la13000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97b30C/p37pt/fFVUuyXF23Wu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRXWnoF1Pbj8XSHUmHT8Ag1kP0YeZnKz5A4AoRAfOCbijwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=77425922
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:24 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97b30C/p37pt/fFVUuyXF23Wu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRXWnoF1Pbj8XSHUmHT8Ag1kP0YeZnKz5A4AoRAfOCbijILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=91962417
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:24 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 218ms
217ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVHAVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639344557&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td14_tt7_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eob6AOwcIokBzD9bTs28Wsuau7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRYSGLy6QmUgUzPK+kMetkSEP0YeZnKz5A4AoRAfOCbijwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=12133611
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:24 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eob6AOwcIokBzD9bTs28Wsuau7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRYSGLy6QmUgUzPK+kMetkSEP0YeZnKz5A4AoRAfOCbijILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=54655724
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:24 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 237ms
237ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVGAVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639344783&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td14_tt7_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97Z/ddHX1niMZkjjbzSv51+Ku7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRewBfHivHjosWewRm5pDmdEZTv7I1gxN/nGaTFI9Av8GwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=45554483
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:25 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97Z/ddHX1niMZkjjbzSv51+Ku7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRewBfHivHjosWewRm5pDmdEZTv7I1gxN/nGaTFI9Av8GILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=66365036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:25 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 232ms
232ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVFAVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639345028&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td14_tt7_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoTYCobIxm/AB1f6J4+wh2luu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRcJcUsiG31rKHal5dMC3YF8FpL/XS6n3JDUtuF2LFFt/2wrLExwEDBX/VU/6b2ZUPgDqLhrDPec2v3OpiGhfzKPFENWTRXJQ1bhy2dd3TDmsiEssKvzQSRgW99IdNG5fYPetTW1VG0aonE08hjiN7t8=&cb=88130953
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:25 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoTYCobIxm/AB1f6J4+wh2luu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRcJcUsiG31rKHal5dMC3YF8FpL/XS6n3JDUtuF2LFFt/F3HZOstDfNv1HQozQYeXxdXALHgM1WNDdp0kWkWlWLzFENWTRXJQ1bhy2dd3TDmsiEssKvzQSRgW99IdNG5fYPetTW1VG0aonE08hjiN7t8=&cb=38319165
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:25 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 237ms
237ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVEAVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639345270&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td14_tt7_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97S7UykOTakmSLWqKqEaH8buu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRW51fz+fcuqjF9sImRozhBOorPE0Vayf9H41ZLfDqIT2wM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=09308271
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:25 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97S7UykOTakmSLWqKqEaH8buu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRW51fz+fcuqjF9sImRozhBOorPE0Vayf9H41ZLfDqIT2ILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=79692223
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:25 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 250ms
250ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVCAVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639345515&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td15_tt8_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoc1d3Ryg2NArtQPJTXPTvDqu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRdtCEwQaIyDD7QYcUnhmE0EFpL/XS6n3JDUtuF2LFFt/2wrLExwEDBX/VU/6b2ZUPgDqLhrDPec2v3OpiGhfzKPFENWTRXJQ1bhy2dd3TDmsiEssKvzQSRgW99IdNG5fYPetTW1VG0aonE08hjiN7t8=&cb=80572599
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:25 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoc1d3Ryg2NArtQPJTXPTvDqu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRdtCEwQaIyDD7QYcUnhmE0EFpL/XS6n3JDUtuF2LFFt/F3HZOstDfNv1HQozQYeXxdXALHgM1WNDdp0kWkWlWLzFENWTRXJQ1bhy2dd3TDmsiEssKvzQSRgW99IdNG5fYPetTW1VG0aonE08hjiN7t8=&cb=28578177
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:25 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 242ms
242ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVBAVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639345777&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td15_tt8_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97V0GuCELOOCjX7Ax66iTQpCu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRb3oe0AdzEkf92pcglhAn70P0YeZnKz5A4AoRAfOCbijwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=74670188
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:26 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97V0GuCELOOCjX7Ax66iTQpCu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRb3oe0AdzEkf92pcglhAn70P0YeZnKz5A4AoRAfOCbijILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=33680620
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:26 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 215ms
215ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVAAVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639346029&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td15_tt8_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoTGbuTkz2E+355wuQkD61bmu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRZqmyaiFM+eyEY8YwEVY7tIFpL/XS6n3JDUtuF2LFFt/2wrLExwEDBX/VU/6b2ZUPgDqLhrDPec2v3OpiGhfzKPFENWTRXJQ1bhy2dd3TDmsiEssKvzQSRgW99IdNG5fYPetTW1VG0aonE08hjiN7t8=&cb=40253431
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:26 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 101ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoTGbuTkz2E+355wuQkD61bmu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRZqmyaiFM+eyEY8YwEVY7tIFpL/XS6n3JDUtuF2LFFt/F3HZOstDfNv1HQozQYeXxdXALHgM1WNDdp0kWkWlWLzFENWTRXJQ1bhy2dd3TDmsiEssKvzQSRgW99IdNG5fYPetTW1VG0aonE08hjiN7t8=&cb=55146697
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:26 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 355ms
355ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVVAVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639346254&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td15_tt8_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF4gj65d8QEfiTP04aQw3HBveceYZ2sIEYfbfNViYxqkHc/EpyC6A0G/JbJv8Zd096kUfyCX09JgLDky81PIGZvx//nhNKcm43xM2jexYTmRrK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EDx9fmdY5nDxejndd9qjrENd49rcGxx+nHM/eED1tHyRTQfM5wFj1Va9yPQ1Srb5s=&cb=83384273
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:26 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF4gj65d8QEfiTP04aQw3HBveceYZ2sIEYfbfNViYxqkHc/EpyC6A0G/JbJv8Zd096kUfyCX09JgLDky81PIGZvx//nhNKcm43xM2jexYTmRrK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8Dx9fmdY5nDxejndd9qjrENd49rcGxx+nHM/eED1tHyRTQfM5wFj1Va9yPQ1Srb5s=&cb=06987336
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:26 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 278ms
277ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2Fvideo1%2FVHVVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639346620&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td16_tt9_pd16_la16000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97fJirJKm4bO2iLfoD2gGe+eu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRZD9HkW7nszsEKG8PWj3uD+vQePs+LphJFEL1QwHTokrwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=05499659
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:26 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97fJirJKm4bO2iLfoD2gGe+eu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRZD9HkW7nszsEKG8PWj3uD+vQePs+LphJFEL1QwHTokrILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=48014005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:26 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 264ms
263ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FVGVVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639346907&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td16_tt9_pd16_la16000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF4gj65d8QEfiTP04aQw3HBj4VJrhZUm5RGgcoD92Ax+zc/EpyC6A0G/JbJv8Zd096kUfyCX09JgLDky81PIGZv9ZHfiD5TYvBgrLhPAj2EbPK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EDx9fmdY5nDxejndd9qjrENd49rcGxx+nHM/eED1tHyRTQfM5wFj1Va9yPQ1Srb5s=&cb=06303103
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:27 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF4gj65d8QEfiTP04aQw3HBj4VJrhZUm5RGgcoD92Ax+zc/EpyC6A0G/JbJv8Zd096kUfyCX09JgLDky81PIGZv9ZHfiD5TYvBgrLhPAj2EbPK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8Dx9fmdY5nDxejndd9qjrENd49rcGxx+nHM/eED1tHyRTQfM5wFj1Va9yPQ1Srb5s=&cb=50565044
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:27 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 318ms
318ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2Fvideo1%2FVFVVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639347180&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td16_tt9_pd16_la16000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoXSdYce9iOfr+snJbJrrAyGu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRSHD2K1vyliKaUuuPuKKTa+vQePs+LphJFEL1QwHTokrwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=20488360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:27 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoXSdYce9iOfr+snJbJrrAyGu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRSHD2K1vyliKaUuuPuKKTa+vQePs+LphJFEL1QwHTokrILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=51605384
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:27 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 246ms
246ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVEVVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639347509&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td17_tt10_pd17_la17000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
818 B 80ms
42ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=368&height=207&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1705639347558&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1589&pt=2046099043&tz=60&viewable=true&ddast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2768435&dpubid=375975&abtst=adxsub-out_vA!adxsub-out_vB!aniviewPrebidInteg_vB!iiqwfcontrol_vB!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Frevistagalileu.globo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8aa71b4d4d4f0dc2e873b4737e53a3978c1f91a50fb1e0b8aba0cc03dd9e6929

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:27 GMT
content-encoding: gzip
server: nginx
machineid: 1427
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97euNUETqggzgjo568tK1gE2u7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRW/Kr+3kJIPP4CuKHbIf6lwZTv7I1gxN/nGaTFI9Av8GwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=31450189
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:27 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97euNUETqggzgjo568tK1gE2u7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRW/Kr+3kJIPP4CuKHbIf6lwZTv7I1gxN/nGaTFI9Av8GILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=80052067
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:27 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 220ms
220ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FEDVVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639347764&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td17_tt10_pd17_la17000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eodeQkq6xpg1PeuWfVse8sA6u7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRY0FumfivqF+MCIvZSZc4h1pxaye5tBFabYNdKrkJTCQwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=48055386
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:28 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eodeQkq6xpg1PeuWfVse8sA6u7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRY0FumfivqF+MCIvZSZc4h1pxaye5tBFabYNdKrkJTCQILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=42423733
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:28 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 239ms
239ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVDVVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639347993&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td17_tt10_pd17_la17000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 102ms
102ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97Qbhl5bYHDsCv/Wd11qF0M6u7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRRz4x7rjMmsp9nBNq2+fyUBDukXSb9i5PP3P/BjFekcHwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=62883393
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:28 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 102ms
102ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFWOivhW3cKKJHhFdhruP97Qbhl5bYHDsCv/Wd11qF0M6u7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRRz4x7rjMmsp9nBNq2+fyUBDukXSb9i5PP3P/BjFekcHILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=84116055
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:28 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 347ms
347ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C85042905%2Fvideo_1%2FECVVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639348243&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td17_tt10_pd17_la17000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoaUpEb7D3XRjU6cBRxDZ9omu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRWPMEba81njWeyIBr8zjt2AFpL/XS6n3JDUtuF2LFFt/2wrLExwEDBX/VU/6b2ZUPgDqLhrDPec2v3OpiGhfzKPFENWTRXJQ1bhy2dd3TDmsiEssKvzQSRgW99IdNG5fYPetTW1VG0aonE08hjiN7t8=&cb=74678958
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:28 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoaUpEb7D3XRjU6cBRxDZ9omu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRWPMEba81njWeyIBr8zjt2AFpL/XS6n3JDUtuF2LFFt/F3HZOstDfNv1HQozQYeXxdXALHgM1WNDdp0kWkWlWLzFENWTRXJQ1bhy2dd3TDmsiEssKvzQSRgW99IdNG5fYPetTW1VG0aonE08hjiN7t8=&cb=76041848
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:28 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 234ms
234ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C85042905%2FVideo1%2FVCVVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639348599&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td18_tt11_pd18_la18000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ptv Show response
secure.adnxs.com/ 6 KB
2 KB 64ms
64ms XHR
application/xml 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=21778525&referrer=revistagalileu.globo.com&vwidth=640&vheight=360&cb=46003834&us_privacy=1---&gdpr=1&gdpr_consent=&schain=324

Requested by

Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

41c77bec68165514049db9209058c8f98e5817c74f0442004275cf87e97d793a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:28 GMT
content-encoding: gzip
an-x-request-uuid: a799faa1-52e9-4be3-9d2e-a7c6cc76997e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.135; 178.162.209.135; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoTZoBCm629Ef1mRHS1jeW2mu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRRNesW7itvgaA91IZYl5B/MFpL/XS6n3JDUtuF2LFFt/2wrLExwEDBX/VU/6b2ZUPgDqLhrDPec2v3OpiGhfzKPFENWTRXJQ1bhy2dd3TDmsiEssKvzQSRgW99IdNG5fYPetTW1VG0aonE08hjiN7t8=&cb=31205915
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:28 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zFZQ/+v8uHYMLzBwpsGn6eoTZoBCm629Ef1mRHS1jeW2mu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRRNesW7itvgaA91IZYl5B/MFpL/XS6n3JDUtuF2LFFt/F3HZOstDfNv1HQozQYeXxdXALHgM1WNDdp0kWkWlWLzFENWTRXJQ1bhy2dd3TDmsiEssKvzQSRgW99IdNG5fYPetTW1VG0aonE08hjiN7t8=&cb=35715155
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:28 GMT
server: nginx/1.6.2

GET
H2 200 emp.xml Show response
v.trvdp.com/ 156 B
634 B 49ms
11ms XHR
text/xml 18.173.233.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v.trvdp.com/emp.xml
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-75.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 862f4d37f897bda0352e73cad6f2cea5a5c42ace80b49fc86fd825888f263c0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 12:30:47 GMT
via: 1.1 eed2fc0be4de295d60fbdc1c413e4628.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
age: 7488702
x-cache: Hit from cloudfront
content-length: 156
last-modified: Thu, 10 Feb 2022 15:10:12 GMT
server: AmazonS3
etag: "16994730cab3bea5b4501a4a7f920029"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: 5rSgliwIpVmwgOAv-qzioxDdpzD1A1t1qfHJcBueUbU3y7vjlHHchQ==

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAQJetYau9usIaQqiGuDPUJKu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRYYkG6B8nS18IhzWBhJLJPZQ5ZmmoG2SG+14yZCZHeagS+v+m488pBcdXH6MsGUswFqOTIw/wc/gMDi1iPjqJq6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=80611893
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAQJetYau9usIaQqiGuDPUJKu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRYYkG6B8nS18IhzWBhJLJPZQ5ZmmoG2SG+14yZCZHeagaIIqZ5uVi2fii9/tYy4hc9sKyxMcBAwV/1VP+m9mVD6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=90498757
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 193ms
193ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22841804786%2C205734668%2FVideo1%2FVEEATRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639348960&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td18_tt11_pd18_la18000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAbRJZ2kYIbZ8HVeNFejQ+Pmu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRSNcsdnL9kRguckj+Kj9xIivQePs+LphJFEL1QwHTokrwM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ulYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=19016765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAbRJZ2kYIbZ8HVeNFejQ+Pmu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRSNcsdnL9kRguckj+Kj9xIivQePs+LphJFEL1QwHTokrILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=18575770
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 165ms
165ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22841804786%2C205734668%2FVideo1%2FVEVATRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639349161&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td18_tt11_pd18_la18000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAetJ8OvW+PzFryS+f9Mii8iu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRQ+Z/XlOi8iX/OZoY7E0XS6OXFQ93Tqfv0hPdB7/1edZS+v+m488pBcdXH6MsGUswFqOTIw/wc/gMDi1iPjqJq6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=29047678
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAetJ8OvW+PzFryS+f9Mii8iu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRQ+Z/XlOi8iX/OZoY7E0XS6OXFQ93Tqfv0hPdB7/1edZaIIqZ5uVi2fii9/tYy4hc9sKyxMcBAwV/1VP+m9mVD6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=99725810
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 161ms
160ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22841804786%2C205734668%2FVideo1%2FEBIVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639349339&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td18_tt11_pd18_la18000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAWC5uyL2NyzgMcdyZslJQW+u7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRbfXBFuIE/CUpBw37yzwzIuOXFQ93Tqfv0hPdB7/1edZS+v+m488pBcdXH6MsGUswFqOTIw/wc/gMDi1iPjqJq6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=79456266
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAWC5uyL2NyzgMcdyZslJQW+u7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRbfXBFuIE/CUpBw37yzwzIuOXFQ93Tqfv0hPdB7/1edZaIIqZ5uVi2fii9/tYy4hc9sKyxMcBAwV/1VP+m9mVD6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=78165099
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 159ms
159ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22841804786%2C205734668%2FVideo1%2FEBHVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639349507&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td19_tt12_pd19_la19000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lARoonTlL2Kuw9QPAWXCtJaSu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRWmW1GvXiGSrcF4d0KCxOcyOXFQ93Tqfv0hPdB7/1edZS+v+m488pBcdXH6MsGUswFqOTIw/wc/gMDi1iPjqJq6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=50016064
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lARoonTlL2Kuw9QPAWXCtJaSu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRWmW1GvXiGSrcF4d0KCxOcyOXFQ93Tqfv0hPdB7/1edZaIIqZ5uVi2fii9/tYy4hc9sKyxMcBAwV/1VP+m9mVD6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=89130488
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 155ms
155ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22841804786%2C205734668%2FVideo1%2FEBGVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639349677&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td19_tt12_pd19_la19000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 editoraglobo
horizon-track.globo.com/event/ 0
340 B 115ms
114ms Ping
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-track.globo.com/event/editoraglobo
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 33.79.211.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryOab670LwQKHERYhk

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
x-served-from: hzt-tsuru
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://revistagalileu.globo.com
access-control-allow-credentials: true
access-control-allow-headers: user,User-Agent,Content-Type,GLBID,GLBUID,ADVERTISING_ID,EXT_ID,globoId
content-length: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAdbJOUrKmR2WlHVdV1rklbCu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRS9WBlfZpitQ2U2IGcBITxydS0hAy6+Vy9RQne6AlWtNS+v+m488pBcdXH6MsGUswFqOTIw/wc/gMDi1iPjqJq6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=61908676
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAdbJOUrKmR2WlHVdV1rklbCu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRS9WBlfZpitQ2U2IGcBITxydS0hAy6+Vy9RQne6AlWtNaIIqZ5uVi2fii9/tYy4hc9sKyxMcBAwV/1VP+m9mVD6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=00526694
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:29 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 179ms
179ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22841804786%2C205734668%2FVideo1%2FEAFVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639349843&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td19_tt12_pd19_la19000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAYmFLI5ntDr8+QIbjQYNt7Ku7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRZiKCbrEpLKWlu7lfR4F4JCOXFQ93Tqfv0hPdB7/1edZS+v+m488pBcdXH6MsGUswFqOTIw/wc/gMDi1iPjqJq6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=59783474
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAYmFLI5ntDr8+QIbjQYNt7Ku7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRZiKCbrEpLKWlu7lfR4F4JCOXFQ93Tqfv0hPdB7/1edZaIIqZ5uVi2fii9/tYy4hc9sKyxMcBAwV/1VP+m9mVD6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=22493062
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 158ms
158ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22841804786%2C205734668%2FVideo1%2FEBEVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639350029&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td19_tt12_pd19_la19000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAT1utaCnwgVhu482h28qIOGu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRd2bLKlF0ylecYDxTQreTy6OXFQ93Tqfv0hPdB7/1edZS+v+m488pBcdXH6MsGUswFqOTIw/wc/gMDi1iPjqJq6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=21430483
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAT1utaCnwgVhu482h28qIOGu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRd2bLKlF0ylecYDxTQreTy6OXFQ93Tqfv0hPdB7/1edZaIIqZ5uVi2fii9/tYy4hc9sKyxMcBAwV/1VP+m9mVD6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=47713627
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 158ms
158ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22841804786%2C205734668%2FVideo1%2FEBDVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639350195&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td19_tt12_pd19_la19000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lATM+GRjTN1K182JlLiOvtDmu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRZvG600qzhR7XvE+KfIpP1scamUHuVfrlbs4Q4/nT95rVuf1cz79U5FcH0zbV46d030wcoXjOpdJe1AvFvpo2FGNm9frWhkWoAfoeS1Q20xVw42hB6oFP9z5m7VvCehBTafzirvPw2ERqzTzJo8w6MQhUlKjDR5VqTmCAkqnKctz&cb=17491318
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lATM+GRjTN1K182JlLiOvtDmu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRZvG600qzhR7XvE+KfIpP1scamUHuVfrlbs4Q4/nT95r3k3VPO9ME0rcr3YneCwCwsDNmQrmtWZfAXm1+5lWClWNm9frWhkWoAfoeS1Q20xVw42hB6oFP9z5m7VvCehBTafzirvPw2ERqzTzJo8w6MQhUlKjDR5VqTmCAkqnKctz&cb=46229862
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 159ms
159ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22841804786%2C205734668%2FVideo1%2FEBCVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639350365&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td19_tt12_pd19_la19000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAZH+OqMEPglLRZKO60VXgtmu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRUBBUTmDGRF6ZpHX4yN7y8uOXFQ93Tqfv0hPdB7/1edZS+v+m488pBcdXH6MsGUswFqOTIw/wc/gMDi1iPjqJq6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=34599477
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAZH+OqMEPglLRZKO60VXgtmu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRUBBUTmDGRF6ZpHX4yN7y8uOXFQ93Tqfv0hPdB7/1edZaIIqZ5uVi2fii9/tYy4hc9sKyxMcBAwV/1VP+m9mVD6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=47285144
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 156 B
142 B 182ms
182ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22841804786%2C205734668%2FVideo1%2FEBBVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639350535&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td20_tt13_pd20_la20000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmmBzy2/IEBY6IdyYsZ8FDiEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAfzwiyVOOd5zH4U4eb6Bv7Wu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRRwdSaUaJxzflYNSmuWGaoH5JBKyCjWgZvOlSRQZRC/eS+v+m488pBcdXH6MsGUswFqOTIw/wc/gMDi1iPjqJq6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=96378609
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkw85m7rOFoxDk58Nh/RFc3EPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAfzwiyVOOd5zH4U4eb6Bv7Wu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRRwdSaUaJxzflYNSmuWGaoH5JBKyCjWgZvOlSRQZRC/eaIIqZ5uVi2fii9/tYy4hc9sKyxMcBAwV/1VP+m9mVD6AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=01270183
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D445 85 KB
16 KB 204ms
204ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22841804786%2C205734668%2FVideo1%2FEGAVTRVD_globo.com&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2548733138621162&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Frevistagalileu.globo.com%2F&description_url=https%3A%2F%2Frevistagalileu.globo.com%2F&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=3611276493&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=1FADC249-BEAF-4D8F-9629-E24557004CE3&a3p=EhkKCnVpZGFwaS5jb20Y_JmbgNIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRieq5uA0jFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8mZuA0jFIAFICCGQSOwoKcHViY2lkLm9yZxIkMWJmYTQyOWEtNTNjZS00MDMyLWI1MDMtNDZlMzhkODY1ZDFmGJ-am4DSMUgAEh0KDmVzcC5jcml0ZW8uY29tGPyZm4DSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEZHQwUnBUMnk1VjBrU0FYb3M5NWNDK0VuSm1KQ2JnQ05naTJ3L1VDTXY3dmdUeGhkQktqb082Zlc1SStsMy9acXNaVDNDUEYzb2NhcHJVTjZTajBVa3FZQlBEUEQzOE5ER1JOVmlZaHFFOXJ0TzdQalBJYkxiQ2dXQVB3bDdYUE9iN3VKb05KYlBkbDVFb09GSVFsNm5mZ2ZYR1c3VFlpcVNFVUY3dGNBWmM9GOWtm4DSMUgAEj4KBW9wZW54EixleUpwSWpvaWJqZHVRMVJrYzNKUk0yVXdZMlE1YzBGSE1qSlhkejA5SW4wPRitrpuA0jFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&top=https%3A%2F%2Frevistagalileu.globo.com%2F&loc=https%3A%2F%2Frevistagalileu.globo.com%2F&dlt=1705639330513&idt=7173&dt=1705639350728&cookie=ID%3D6e6379cab91ddc8c%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MYie3UcEz76JSnc6an1QPNBLRljCA&gpic=UID%3D00000d43f2336993%3AT%3D1705639333%3ART%3D1705639333%3AS%3DALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w&scor=4453060101928795&ged=ve4_td20_tt13_pd20_la20000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8611ae58033f2a9e522526698fa9b35c46b7fd0a76a114e7ef5db15820649d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15958
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D445 0
54 B 271ms
270ms Ping
image/gif 2404:6800:4004:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lrk5mgfj&c=7547676070816&slotId=3773838035408&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D445 0
0 53ms
53ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=noextension&lid=143&sdkv=h.3.613.0&e=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&id=ima_html5&c=1361178934725980&domain=revistagalileu.globo.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame D445 453 B
478 B 16ms
16ms Image
image/png 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-9507736279911916

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:14:16 GMT
x-content-type-options: nosniff
age: 1694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 05:04:16 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D445 42 B
64 B 54ms
53ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDTjLtv2pZcrrLtumjuwP48GS4A_Tku-odeyL0c3BEfy1g534ChABIL-DvJcBYJWCoIKwB6ABw_-LywPIAQGpAgGOKEV9P7I-4AIAqAMBmAQAqgSfA0_Qp4rByXSrgGxDyQR4s1pKwB0iwrH40dRZ1smHsNcro6vsWjw-JGVIbHGnk8wXMFqJgNJli1GqWa2JKZMMPb6whoJy0ngiNx7SvIMQ_Ks4GZ1mfzDDDOxiOuG8vAOygeiBSbb7uUGB_kg9SbR0fs5m1_3UEMaU6n7Hs4_0rBmSRLmPxVcQoO-OLUh13LxoDNSbQO-A3YCX2YCWi8xJTMhyiU_jizVXL7SDwGe6n3liXpuROk5trcL3WK4RbP6IY7nFrGzrX356_vnf1x9MHGcU4SFlcIAJhTaVk8uxjFR7HQUAba4nly_n8Ud-LcJxGAZgtHaeHXrN-64vUomU3QBQNl1___PbaCtPhzFmRKS3uajHhgadpNuAEMN3CBM0Druh3AO76-F3dnbiu0tZHxX_zzkxERW9zb8c9GMnUR1WkELdoX-vb-zq0LELwP8xgjbH8byNyAVdna5R2zexj1hPf3kN1tC93Eo7pW8qq69PRmlEAZIDStwS6JJJuVjjSS9lElME-vLdsDbh4x7_ThQDBvSuR-_Dv4w0jYNDhXbABLfoyd-4BOAEAYgFnuSe80qgBlSAB5-CyTWoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAcBABGB0yAusCOgKAQEi9_cE6WJj99tzR6IMDmglIaHR0cHM6Ly93d3cubWFnaWNsaWZlLmNvbS9kZS9kZS9jbHVidXJsYXViL3R1ZXJrZWkvbWFzbWF2aS9jbHViLWRldGFpbHMvsQlvtAHlWD3vCYAKA8gLAdALDuALAaIMCCoGCgSsurEC2gwQCgoQsPLAydTUiOYTEgIBA5oNAQ6qDQJERcgNAeINEwihrPfc0eiDAxVbk4MHHeOgBPzYEwvQFQHiFgIIAfgWAYAXAQ&sigh=Yr5BLbNv19A&label=show_ad&sdkv=h.3.613.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwMTcyNjY2NjIyMDIMNjYzMjYxMjMzMjY0QM4BUiYI0A8QDyUAAHBBKAE6C3F5anFNaWd6R0RjQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame D445 0
0 53ms
53ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CCPGBtv2pZcrrLtumjuwP48GS4A_Tku-odeyL0c3BEfy1g534ChABIL-DvJcBYJWCoIKwB6ABw_-LywPIAQGpAgGOKEV9P7I-4AIAqAMBmAQAqgScA0_Qp4rByXSrgGxDyQR4s1pKwB0iwrH40dRZ1smHsNcro6vsWjw-JGVIbHGnk8wXMFqJgNJli1GqWa2JKZMMPb6whoJy0ngiNx7SvIMQ_Ks4GZ1mfzDDDOxiOuG8vAOygeiBSbb7uUGB_kg9SbR0fs5m1_3UEMaU6n7Hs4_0rBmSRLmPxVcQoO-OLUh13LxoDNSbQO-A3YCX2YCWi8xJTMhyiU_jizVXL7SDwGe6n3liXpuROk5trcL3WK4RbP6IY7nFrGzrX356_vnf1x9MHGcU4SFlcIAJhTaVk8uxjFR7HQUAba4nly_n8Ud-LcJxGAZgtHaeHXrN-64vUomU3QBQNl1___PbaCtPhzFmRKS3uajHhgadpNuAEMN3CBM0Druh3AO76-F3dnbiu0tZHxX_zzkxERW9zb8c9GMnUR1WkELdoX-vb-zq0LELwP8xgjbH8byNyAVdna5R2zexj1hPf3kN1tC93Eo7pW8qq69PRmlEAZIDCN4zen3hbFR8nBSTuzTBe-L4upvrzQYlqKVkw38TaMPbUgH5gRzABLfoyd-4BOAEAYgFnuSe80qSBREIEhAFGA8wt7DMwaLGupSrAaAGVIAHn4LJNagH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQ18y3AagIAdIIHwiA4YBwEAEYHTIC6wI6AoBASL39wTpYmP323NHogwOaCV1odHRwczovL3d3dy5tYWdpY2xpZmUuY29tL2RlL2RlL2NsdWJ1cmxhdWIvdHVlcmtlaS9tYXNtYXZpL2NsdWItZGV0YWlscy8_dXRtX3Rlcm09bWFzbWF2aS1wYWGACgPICwGiDAgqBgoErLqxAuINEwihrPfc0eiDAxVbk4MHHeOgBPzCEwYYw_-LywPYEwvQFQHiFgIIAYAXAbIXHwodCAASFHB1Yi05NjQ4NDEwNzI4MzkzMTY2GOCsjAE&sigh=mOJtY5Nzu1A&cmd=Ch1jYS12aWRlby1wdWItOTUwNzczNjI3OTkxMTkxNhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSOwAvHhf_WtR3wCWKGpXeqY3nIeMqw1wti6Y74YkbcgMqbEn3gyjtNHFDAP2C-YJs8YTbny_2b2sD9oV1GAE&vt=10&sdkv=h.3.613.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwMTcyNjY2NjIyMDIMNjYzMjYxMjMzMjY0QM4BUiYI0A8QDyUAAHBBKAE6C3F5anFNaWd6R0RjQglnb29nbGVhZHNQABgB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 105ms
104ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUmxIbIWq5xbWo01S1X5eqAD3czRY9BP2UGf51QPdZ7ehVkM4QRDbngkhfVXjkbuVUTNZuKR23eezAJmkVT/6QWXMGgDo8PAQI6jUvBoK8NyX31TyMrnISP4+bY60dPdhodvOoyYwve0I4biEJOEOp7hQE3FxGzqti9jahu62Fh8q8/FzlmPgPnBxmE0v8WW7R/c/EpyC6A0G/JbJv8Zd096kUfyCX09JgLDky81PIGZv/wwe/g1ii54lRb00XI5llavQePs+LphJFEL1QwHTokr+Wu70CB44PWvTiElRb44WqvRyyQ8CLXA7qfR42OjYepYvIFrBociCimCdoMHimy0D9oa2lRP1dyjZFNaSFABkrF4uNzOgxeUG8z6GsMKtu8=&cb=31988729
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:31 GMT
server: nginx/1.6.2

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 275ms
275ms Ping
image/gif 2404:6800:4004:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lrk5mfsj&c=7547676070816&slotId=3773838035408&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr5---sn-4g5lzney.googlevideo.com/ 3 MB
3 MB 77ms
16ms Media
video/mp4 2a00:1450:4001:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5lzney.googlevideo.com/videoplayback?expire=1705668150&ei=tv2pZcrkNciDp-oPkbu0uAg&ip=2a00:c98:2050:a007:2::8&id=ab28ea3228331837&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=1L&mm=31&mn=sn-4g5lzney&ms=au&mv=m&mvi=5&pl=59&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1705181976042007&mt=1705639031&cpn=VcpNLTa9dah5ST8g&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRAIgB9s7WtDvyXYE-cBLDMLo_gBdQ2N4bqdXSxkqsqohZuwCIHmnum28Y9PeioX8pbq_vONwHsKWdgXBJ0E3RWhaSQCD&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRAIgegNhCLGeu8y5BmdlPSrANnLpYRk4iOOde97I6mde_YACIHtb4xdYTNidrzZrwiMzpx5nRk43rWVFMmH2P0jCkoL5

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1b::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e65cff7bba499edc520a19e75b9345ae503d4b73993a5873c1b3253bd80d134b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://revistagalileu.globo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 19 Jan 2024 04:42:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Jan 2024 21:39:36 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2753353/2753354
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2753354
Expires: Fri, 19 Jan 2024 04:42:31 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D445 42 B
64 B 54ms
53ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDTjLtv2pZcrrLtumjuwP48GS4A_Tku-odeyL0c3BEfy1g534ChABIL-DvJcBYJWCoIKwB6ABw_-LywPIAQGpAgGOKEV9P7I-4AIAqAMBmAQAqgSfA0_Qp4rByXSrgGxDyQR4s1pKwB0iwrH40dRZ1smHsNcro6vsWjw-JGVIbHGnk8wXMFqJgNJli1GqWa2JKZMMPb6whoJy0ngiNx7SvIMQ_Ks4GZ1mfzDDDOxiOuG8vAOygeiBSbb7uUGB_kg9SbR0fs5m1_3UEMaU6n7Hs4_0rBmSRLmPxVcQoO-OLUh13LxoDNSbQO-A3YCX2YCWi8xJTMhyiU_jizVXL7SDwGe6n3liXpuROk5trcL3WK4RbP6IY7nFrGzrX356_vnf1x9MHGcU4SFlcIAJhTaVk8uxjFR7HQUAba4nly_n8Ud-LcJxGAZgtHaeHXrN-64vUomU3QBQNl1___PbaCtPhzFmRKS3uajHhgadpNuAEMN3CBM0Druh3AO76-F3dnbiu0tZHxX_zzkxERW9zb8c9GMnUR1WkELdoX-vb-zq0LELwP8xgjbH8byNyAVdna5R2zexj1hPf3kN1tC93Eo7pW8qq69PRmlEAZIDStwS6JJJuVjjSS9lElME-vLdsDbh4x7_ThQDBvSuR-_Dv4w0jYNDhXbABLfoyd-4BOAEAYgFnuSe80qgBlSAB5-CyTWoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAcBABGB0yAusCOgKAQEi9_cE6WJj99tzR6IMDmglIaHR0cHM6Ly93d3cubWFnaWNsaWZlLmNvbS9kZS9kZS9jbHVidXJsYXViL3R1ZXJrZWkvbWFzbWF2aS9jbHViLWRldGFpbHMvsQlvtAHlWD3vCYAKA8gLAdALDuALAaIMCCoGCgSsurEC2gwQCgoQsPLAydTUiOYTEgIBA5oNAQ6qDQJERcgNAeINEwihrPfc0eiDAxVbk4MHHeOgBPzYEwvQFQHiFgIIAfgWAYAXAQ&sigh=Yr5BLbNv19A&label=video_ad_loaded&sdkv=h.3.613.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwMTcyNjY2NjIyMDIMNjYzMjYxMjMzMjY0QM4BUiYI0A8QDyUAAKBBKAE6C3F5anFNaWd6R0RjQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame D445 0
0 113ms
54ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CCPGBtv2pZcrrLtumjuwP48GS4A_Tku-odeyL0c3BEfy1g534ChABIL-DvJcBYJWCoIKwB6ABw_-LywPIAQGpAgGOKEV9P7I-4AIAqAMBmAQAqgScA0_Qp4rByXSrgGxDyQR4s1pKwB0iwrH40dRZ1smHsNcro6vsWjw-JGVIbHGnk8wXMFqJgNJli1GqWa2JKZMMPb6whoJy0ngiNx7SvIMQ_Ks4GZ1mfzDDDOxiOuG8vAOygeiBSbb7uUGB_kg9SbR0fs5m1_3UEMaU6n7Hs4_0rBmSRLmPxVcQoO-OLUh13LxoDNSbQO-A3YCX2YCWi8xJTMhyiU_jizVXL7SDwGe6n3liXpuROk5trcL3WK4RbP6IY7nFrGzrX356_vnf1x9MHGcU4SFlcIAJhTaVk8uxjFR7HQUAba4nly_n8Ud-LcJxGAZgtHaeHXrN-64vUomU3QBQNl1___PbaCtPhzFmRKS3uajHhgadpNuAEMN3CBM0Druh3AO76-F3dnbiu0tZHxX_zzkxERW9zb8c9GMnUR1WkELdoX-vb-zq0LELwP8xgjbH8byNyAVdna5R2zexj1hPf3kN1tC93Eo7pW8qq69PRmlEAZIDCN4zen3hbFR8nBSTuzTBe-L4upvrzQYlqKVkw38TaMPbUgH5gRzABLfoyd-4BOAEAYgFnuSe80qSBREIEhAFGA8wt7DMwaLGupSrAaAGVIAHn4LJNagH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQ18y3AagIAdIIHwiA4YBwEAEYHTIC6wI6AoBASL39wTpYmP323NHogwOaCV1odHRwczovL3d3dy5tYWdpY2xpZmUuY29tL2RlL2RlL2NsdWJ1cmxhdWIvdHVlcmtlaS9tYXNtYXZpL2NsdWItZGV0YWlscy8_dXRtX3Rlcm09bWFzbWF2aS1wYWGACgPICwGiDAgqBgoErLqxAuINEwihrPfc0eiDAxVbk4MHHeOgBPzCEwYYw_-LywPYEwvQFQHiFgIIAYAXAbIXHwodCAASFHB1Yi05NjQ4NDEwNzI4MzkzMTY2GOCsjAE&sigh=mOJtY5Nzu1A&cmd=Ch1jYS12aWRlby1wdWItOTUwNzczNjI3OTkxMTkxNhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSOwAvHhf_WtR3wCWKGpXeqY3nIeMqw1wti6Y74YkbcgMqbEn3gyjtNHFDAP2C-YJs8YTbny_2b2sD9oV1GAE&sdkv=h.3.613.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame D445 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 19:49:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D445 0
0 52ms
52ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=noextension&lid=143&sdkv=h.3.613.0&e=44772139%2C44777649%2C44781409%2C44804291%2C44809548%2C95321946&id=ima_html5&c=1361178934725980&domain=revistagalileu.globo.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D445 42 B
64 B 65ms
65ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjoQ1tv2pZcrrLtumjuwP48GS4A_Tku-odeyL0c3BEfy1g534ChABIL-DvJcBYJWCoIKwB6ABw_-LywPIAQGpAgGOKEV9P7I-4AIAqAMBmAQAqgScA0_Qp4rByXSrgGxDyQR4s1pKwB0iwrH40dRZ1smHsNcro6vsWjw-JGVIbHGnk8wXMFqJgNJli1GqWa2JKZMMPb6whoJy0ngiNx7SvIMQ_Ks4GZ1mfzDDDOxiOuG8vAOygeiBSbb7uUGB_kg9SbR0fs5m1_3UEMaU6n7Hs4_0rBmSRLmPxVcQoO-OLUh13LxoDNSbQO-A3YCX2YCWi8xJTMhyiU_jizVXL7SDwGe6n3liXpuROk5trcL3WK4RbP6IY7nFrGzrX356_vnf1x9MHGcU4SFlcIAJhTaVk8uxjFR7HQUAba4nly_n8Ud-LcJxGAZgtHaeHXrN-64vUomU3QBQNl1___PbaCtPhzFmRKS3uajHhgadpNuAEMN3CBM0Druh3AO76-F3dnbiu0tZHxX_zzkxERW9zb8c9GMnUR1WkELdoX-vb-zq0LELwP8xgjbH8byNyAVdna5R2zexj1hPf3kN1tC93Eo7pW8qq69PRmlEAZIDCN4zen3hbFR8nBSTuzTBe-L4upvrzQYlqKVkw38TaMPbUgH5gRzABLfoyd-4BOAEAYgFnuSe80qgBlSAB5-CyTWoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAcBABGB0yAusCOgKAQEi9_cE6WJj99tzR6IMDgAoDyAsBogwIKgYKBKy6sQLaDBAKChCw8sDJ1NSI5hMSAgEDqg0CREXiDRMIoaz33NHogwMVW5ODBx3joAT82BML0BUB4hYCCAH4FgGAFwE&sigh=Fp2TM8R9iJ8&cmd=Ch1jYS12aWRlby1wdWItOTUwNzczNjI3OTkxMTkxNhAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D960%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26is%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D13307%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D245083631%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1705639337588%26ptlt%3D1705639351104%26pngs%3D9,14,15%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1705639350953&sdkv=h.3.613.0&vci=CnEIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwMTcyNjY2NjIyMDIMNjYzMjYxMjMzMjY0QM4BUikI0A8QDyUAAKBBKAE6C3F5anFNaWd6R0RjQglnb29nbGVhZHNIlAFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D445 42 B
64 B 64ms
64ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjoQ1tv2pZcrrLtumjuwP48GS4A_Tku-odeyL0c3BEfy1g534ChABIL-DvJcBYJWCoIKwB6ABw_-LywPIAQGpAgGOKEV9P7I-4AIAqAMBmAQAqgScA0_Qp4rByXSrgGxDyQR4s1pKwB0iwrH40dRZ1smHsNcro6vsWjw-JGVIbHGnk8wXMFqJgNJli1GqWa2JKZMMPb6whoJy0ngiNx7SvIMQ_Ks4GZ1mfzDDDOxiOuG8vAOygeiBSbb7uUGB_kg9SbR0fs5m1_3UEMaU6n7Hs4_0rBmSRLmPxVcQoO-OLUh13LxoDNSbQO-A3YCX2YCWi8xJTMhyiU_jizVXL7SDwGe6n3liXpuROk5trcL3WK4RbP6IY7nFrGzrX356_vnf1x9MHGcU4SFlcIAJhTaVk8uxjFR7HQUAba4nly_n8Ud-LcJxGAZgtHaeHXrN-64vUomU3QBQNl1___PbaCtPhzFmRKS3uajHhgadpNuAEMN3CBM0Druh3AO76-F3dnbiu0tZHxX_zzkxERW9zb8c9GMnUR1WkELdoX-vb-zq0LELwP8xgjbH8byNyAVdna5R2zexj1hPf3kN1tC93Eo7pW8qq69PRmlEAZIDCN4zen3hbFR8nBSTuzTBe-L4upvrzQYlqKVkw38TaMPbUgH5gRzABLfoyd-4BOAEAYgFnuSe80qgBlSAB5-CyTWoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAcBABGB0yAusCOgKAQEi9_cE6WJj99tzR6IMDgAoDyAsBogwIKgYKBKy6sQLaDBAKChCw8sDJ1NSI5hMSAgEDqg0CREXiDRMIoaz33NHogwMVW5ODBx3joAT82BML0BUB4hYCCAH4FgGAFwE&sigh=Fp2TM8R9iJ8&cmd=Ch1jYS12aWRlby1wdWItOTUwNzczNjI3OTkxMTkxNhAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D960%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D13307%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D245083631%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1705639337588%26ptlt%3D1705639351105%26pngs%3D9,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705639350953&sdkv=h.3.613.0&vci=CnEIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwMTcyNjY2NjIyMDIMNjYzMjYxMjMzMjY0QM4BUikI0A8QDyUAAKBBKAE6C3F5anFNaWd6R0RjQglnb29nbGVhZHNIlAFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 playback
www.youtube.com/api/stats/ Frame D445 0
0 23ms
22ms Image
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/api/stats/playback?cmt=0&rt=0&rtn=10&delay=15&adformat=2_2_1&c=vast_gvp_ads&el=adunit&len=15&ns=yt&ver=2&vtype=gvp&cplatform=desktop&cpn=VcpNLTa9dah5ST8g&docid=qyjqMigzGDc&visitordata=CgtCWW5oZU96MTdhUQ%3D%3D&of=-_xhI4eL4MjOL53E0nwGhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D445 42 B
64 B 62ms
62ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjoQ1tv2pZcrrLtumjuwP48GS4A_Tku-odeyL0c3BEfy1g534ChABIL-DvJcBYJWCoIKwB6ABw_-LywPIAQGpAgGOKEV9P7I-4AIAqAMBmAQAqgScA0_Qp4rByXSrgGxDyQR4s1pKwB0iwrH40dRZ1smHsNcro6vsWjw-JGVIbHGnk8wXMFqJgNJli1GqWa2JKZMMPb6whoJy0ngiNx7SvIMQ_Ks4GZ1mfzDDDOxiOuG8vAOygeiBSbb7uUGB_kg9SbR0fs5m1_3UEMaU6n7Hs4_0rBmSRLmPxVcQoO-OLUh13LxoDNSbQO-A3YCX2YCWi8xJTMhyiU_jizVXL7SDwGe6n3liXpuROk5trcL3WK4RbP6IY7nFrGzrX356_vnf1x9MHGcU4SFlcIAJhTaVk8uxjFR7HQUAba4nly_n8Ud-LcJxGAZgtHaeHXrN-64vUomU3QBQNl1___PbaCtPhzFmRKS3uajHhgadpNuAEMN3CBM0Druh3AO76-F3dnbiu0tZHxX_zzkxERW9zb8c9GMnUR1WkELdoX-vb-zq0LELwP8xgjbH8byNyAVdna5R2zexj1hPf3kN1tC93Eo7pW8qq69PRmlEAZIDCN4zen3hbFR8nBSTuzTBe-L4upvrzQYlqKVkw38TaMPbUgH5gRzABLfoyd-4BOAEAYgFnuSe80qgBlSAB5-CyTWoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAcBABGB0yAusCOgKAQEi9_cE6WJj99tzR6IMDgAoDyAsBogwIKgYKBKy6sQLaDBAKChCw8sDJ1NSI5hMSAgEDqg0CREXiDRMIoaz33NHogwMVW5ODBx3joAT82BML0BUB4hYCCAH4FgGAFwE&sigh=Fp2TM8R9iJ8&cmd=Ch1jYS12aWRlby1wdWItOTUwNzczNjI3OTkxMTkxNhAAGAI&label=admute&ad_mt=0&acvw=sv%3D960%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D8%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D8%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D8%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D13307%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D245083631%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1705639337588%26ptlt%3D1705639351108%26pngs%3D9,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705639350953&sdkv=h.3.613.0&vci=CnEIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwMTcyNjY2NjIyMDIMNjYzMjYxMjMzMjY0QM4BUikI0A8QDyUAAKBBKAE6C3F5anFNaWd6R0RjQglnb29nbGVhZHNIlAFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 i.gif
p.trvdp.com/ 0
50 B 100ms
100ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/i.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUkPh0NAfaDAepU+g3q7Vm5tEPZ6WTAjmFxfDGWFtqDTGCaSbsZToUWjFCY8FD+hz4BxCAGKTMIEFV6RJ8ms+GEIawzSGJS35xtP+huceC1nKmtbKaMWKtEwMrS6Kh/IjM8chRxHb56WJN4BmsKkN6zF5QZgApdGJ5VG2Zdf3S/lAfzwiyVOOd5zH4U4eb6Bv7Wu7PolPjGL/vor/hphCPVtQxVFawi+yqoYpLUN1jCfRRwdSaUaJxzflYNSmuWGaoH5JBKyCjWgZvOlSRQZRC/eS+v+m488pBcdXH6MsGUswPDEppx+ERDEV/QSE8qVVh2AbJDC9kKso5OR0AkPavNoa+6PD6ePQtZDMqUzXtw9ScKVFzYU12q2byCSa7xjt0cMDqi1XhYt8qzxvmWzUl12&cb=88527063&s=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:31 GMT
server: nginx/1.6.2

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 56AE 23 KB
9 KB 17ms
17ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 206109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:27:22 GMT
expires: Wed, 15 Jan 2025 19:27:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 56AE 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 12:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 12:55:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 56AE 0
20 B 47ms
46ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.613.0&bgai=BIvrFtv2pZcrrLtumjuwP48GS4A8AAAAAOAG6BRMIjNH23NHogwMVIqmDBx2eMg6L&bg=!oqGloe7NAAa8BdJLnAU7ADQBe5WfONm3JHdzLL-kldMM0uYFqTx3etD3VhPBArdI7HgO6qlkiI7fLh38Avb0Jp0Zuk2sAgAAADJSAAAAAWgBBwoAbkRUG8-9n5WLK69LjJ98zayzuHGlCYFz40R8aKRj1UpzooSoIdKfT5xgg2YMZzWRZWELJhvIEFMzO8TnobbrRi1QHoTvDaRN6kzHkG1gf7vkpVRSQod4S0pVw01zqa6QH2pZA7OzZIC7IbQbtzWxmQI-_c0mrD19jCdwtjBL0f3ukXYKwhCJHabXGikHt4e8zgCZ8CGh0xTgkEksql_ibgBx7VC6Gwe7LK4c3zRk_RA9vX5rKBrOop8OTxuTt8aruEhtAQqnI1JCZiTBrnqBOSUHnadicqgoZ7LQRuC_gHOMN0asMTkZq6do9CxIJ6Yru0lVwBcTiRkPIC6E95YE4Zvp_k3TDdVpKPkDvl91yIXuLHTWmU77AbXU-AQQlDFT9yTWOJKitEBh2WryUeDa43jXzpr3oP24D44ro6qHMBC2L3Kc0-jEJxGscxFanhWzgaexWdRszmc5NuUPeErYqXJyHiGufx0RJ1iW1-ik5gjb3aeDf-CWNTEMAKCoS2L9rD0_ji8bpOgSZg3aUQTQZ492vlEQp0E0QPRVv9R5NTKXCEM46STeK3dIqioONTMbVj9IPEVRWqFxUA6gvVn9BSIYDdg5p793w7kbjgYqq5mzKe-i7ggksAJ8lYrS6hzJuG4xsjmQ9f2SrEKv9ePCT9OuCvbhTx3IXUEA3r_oQ-o1krNrrMWfu66uwqkGrCgJiA88RLEuLRdf4MQ9bu_-zazBAA4DV_WbLJXr8FJfCBUFQgogrg7vDbyCVMwjsLl97-T4zoffpoQ7fZzfUzDsumBZr8ihz3vems8NXPgM7VMTOSgAm9xQSNGzjug3Rdj2zLnX3Zsbx4Unz5lyGnZccZ-Hvz4b4ng_n77DwoCc-NvBcgPMcYqfewK-McmfkHoil6dQBTcKSTBWcy9p5ucaAQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
818 B 52ms
51ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=368&height=207&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1705639352565&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1589&pt=2046099043&tz=60&viewable=true&ddast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2768435&dpubid=375975&abtst=adxsub-out_vA!adxsub-out_vB!aniviewPrebidInteg_vB!iiqwfcontrol_vB!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Frevistagalileu.globo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8aa71b4d4d4f0dc2e873b4737e53a3978c1f91a50fb1e0b8aba0cc03dd9e6929

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:32 GMT
content-encoding: gzip
server: nginx
machineid: 1413
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 34.192.191.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=BMJ0xRmltyQBAfBWfgfGcgJlO96KTD7C6/u3oYpkIUm5m7kw0bpkh7J6keKRkkGpBW+WxMZ3+L+mhZJ8njVpB/SEsxCKsqo/rVd6lVfQpA+vvrYWXyZuY0znRbk+NTRhZdXZzhjzg3+yGzKlgdRNGhJiq0WOZUVC1l0pb9OvmjDsiTDbK8Bw1iZR3V6/oo4LWzpyc5V9w9PojNlbizMPZrtnvyX74sMaSCT04rHkkok68KSGLKOCFT/4YXRHpDZDnQ3/NjoPTTCgOvOTn6b+2LC93e8YoCQq7rZUGer45M0QlyE8vcCFbydC0f4KpAl/Vuf1cz79U5FcH0zbV46d08DNmQrmtWZfAXm1+5lWClWNm9frWhkWoAfoeS1Q20xVFtIKX/eenkIXIUXelUyrKqfzirvPw2ERqzTzJo8w6MQhUlKjDR5VqTmCAkqnKctz&cb=97702638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.191.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-169.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:33 GMT
server: nginx/1.6.2

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
788 B 23ms
22ms Ping
application/json 141.94.254.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.254.117 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy07.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Jan 2024 04:42:33 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://revistagalileu.globo.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 23ms
23ms Stylesheet
text/css 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:34 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2761
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 847c696fbbb79975-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Feb 2024 04:42:34 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/2e3316dd-7490-4306-9b57-79fa611a4b18/ 250 B
798 B 68ms
50ms Fetch
application/json 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/2e3316dd-7490-4306-9b57-79fa611a4b18/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23bb64c2e0dc8189415737a590dd0afce108427ee1d36ba2c1b149294aef20f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: fba9ecbf-1cdb-439a-a453-bad3ecaa8867
x-runtime: 0.013903
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"23bb64c2e0dc8189415737a590dd0afc"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 847c69700d809b5e-FRA
access-control-allow-headers: SDK-Version

GET
H2 200 LY8IMPNESFW7vtkloN5S_GALILEU.jpg
img.onesignal.com/permanent/a21d8ec8-e4b8-4d0b-bb38-c0a43f691709/ 4 KB
5 KB 94ms
78ms Image
image/jpeg 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.onesignal.com/permanent/a21d8ec8-e4b8-4d0b-bb38-c0a43f691709/LY8IMPNESFW7vtkloN5S_GALILEU.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44601a41eafe705822622907834d89bf2bc4a95da53b67ee9435f9b2b5d8b29b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revistagalileu.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-goog-encryption-kms-key-name: projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date: Fri, 19 Jan 2024 04:42:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=6360, status=vary_header_present
x-guploader-uploadid: ABPtcPoYXJ2HUnTX6k4WSMiLbES4or3pKGKCjjQVMjwdlbz8y6J_aaxTm7zENdrODmfNNwwHYGqpmcC2Zg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 4575
pragma: no-cache
cf-bgj: imgq:85,h2pri
last-modified: Fri, 19 May 2023 19:51:19 GMT
server: cloudflare
etag: "-CMLzp/WTgv8CEAE="
vary: Origin, Accept-Encoding
x-goog-generation: 1684525879523778
content-type: image/jpeg
x-goog-hash: crc32c=CmEw5g==, md5=YgFB7sXJenq6Fv9V/e8ywg==
cache-control: public, max-age=2678400
x-goog-stored-content-length: 6360
accept-ranges: bytes
cf-ray: 847c69707e6a373d-FRA
expires: Mon, 19 Feb 2024 04:42:35 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://revistagalileu.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:13:53 GMT
x-content-type-options: nosniff
age: 181721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:13:53 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D445 42 B
64 B 48ms
48ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjoQ1tv2pZcrrLtumjuwP48GS4A_Tku-odeyL0c3BEfy1g534ChABIL-DvJcBYJWCoIKwB6ABw_-LywPIAQGpAgGOKEV9P7I-4AIAqAMBmAQAqgScA0_Qp4rByXSrgGxDyQR4s1pKwB0iwrH40dRZ1smHsNcro6vsWjw-JGVIbHGnk8wXMFqJgNJli1GqWa2JKZMMPb6whoJy0ngiNx7SvIMQ_Ks4GZ1mfzDDDOxiOuG8vAOygeiBSbb7uUGB_kg9SbR0fs5m1_3UEMaU6n7Hs4_0rBmSRLmPxVcQoO-OLUh13LxoDNSbQO-A3YCX2YCWi8xJTMhyiU_jizVXL7SDwGe6n3liXpuROk5trcL3WK4RbP6IY7nFrGzrX356_vnf1x9MHGcU4SFlcIAJhTaVk8uxjFR7HQUAba4nly_n8Ud-LcJxGAZgtHaeHXrN-64vUomU3QBQNl1___PbaCtPhzFmRKS3uajHhgadpNuAEMN3CBM0Druh3AO76-F3dnbiu0tZHxX_zzkxERW9zb8c9GMnUR1WkELdoX-vb-zq0LELwP8xgjbH8byNyAVdna5R2zexj1hPf3kN1tC93Eo7pW8qq69PRmlEAZIDCN4zen3hbFR8nBSTuzTBe-L4upvrzQYlqKVkw38TaMPbUgH5gRzABLfoyd-4BOAEAYgFnuSe80qgBlSAB5-CyTWoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAcBABGB0yAusCOgKAQEi9_cE6WJj99tzR6IMDgAoDyAsBogwIKgYKBKy6sQLaDBAKChCw8sDJ1NSI5hMSAgEDqg0CREXiDRMIoaz33NHogwMVW5ODBx3joAT82BML0BUB4hYCCAH4FgGAFwE&sigh=Fp2TM8R9iJ8&cmd=Ch1jYS12aWRlby1wdWItOTUwNzczNjI3OTkxMTkxNhAAGAI&label=videoplaytime25&ad_mt=3921&acvw=sv%3D960%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D958,1250,1155,1600%26tos%3D3155,200,0,200,201%26mtos%3D3155,3355,3355,3555,3756%26amtos%3D0,0,0,0,0%26mcvt%3D3355%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3971%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1025%26pst%3D416%26dur%3D15000%26vmtime%3D3920%26dtos%3D1321%26dtoss%3D2%26dvs%3D1321%26dfvs%3D1321%26dvpt%3D1321%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D16777216%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3155,3355,3355,3555,3756%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26femt%3D13307%26femvt%3D0%26emc%3D22%26emuc%3D0%26emb%3D17,1,0,1,1%26avms%3Dexc%26qi%3D245083631%26psm%3D-2147483633%26psv%3D14%26psfv%3D14%26psa%3D0%26pnmm%3D1705639337588%26ptlt%3D1705639355071%26pngs%3D9s,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3756&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1705639350953&sdkv=h.3.613.0&vci=CnEIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwMTcyNjY2NjIyMDIMNjYzMjYxMjMzMjY0QM4BUikI0A8QDyUAAKBBKAE6C3F5anFNaWd6R0RjQglnb29nbGVhZHNIlAFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D445 42 B
64 B 50ms
50ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjoQ1tv2pZcrrLtumjuwP48GS4A_Tku-odeyL0c3BEfy1g534ChABIL-DvJcBYJWCoIKwB6ABw_-LywPIAQGpAgGOKEV9P7I-4AIAqAMBmAQAqgScA0_Qp4rByXSrgGxDyQR4s1pKwB0iwrH40dRZ1smHsNcro6vsWjw-JGVIbHGnk8wXMFqJgNJli1GqWa2JKZMMPb6whoJy0ngiNx7SvIMQ_Ks4GZ1mfzDDDOxiOuG8vAOygeiBSbb7uUGB_kg9SbR0fs5m1_3UEMaU6n7Hs4_0rBmSRLmPxVcQoO-OLUh13LxoDNSbQO-A3YCX2YCWi8xJTMhyiU_jizVXL7SDwGe6n3liXpuROk5trcL3WK4RbP6IY7nFrGzrX356_vnf1x9MHGcU4SFlcIAJhTaVk8uxjFR7HQUAba4nly_n8Ud-LcJxGAZgtHaeHXrN-64vUomU3QBQNl1___PbaCtPhzFmRKS3uajHhgadpNuAEMN3CBM0Druh3AO76-F3dnbiu0tZHxX_zzkxERW9zb8c9GMnUR1WkELdoX-vb-zq0LELwP8xgjbH8byNyAVdna5R2zexj1hPf3kN1tC93Eo7pW8qq69PRmlEAZIDCN4zen3hbFR8nBSTuzTBe-L4upvrzQYlqKVkw38TaMPbUgH5gRzABLfoyd-4BOAEAYgFnuSe80qgBlSAB5-CyTWoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAcBABGB0yAusCOgKAQEi9_cE6WJj99tzR6IMDgAoDyAsBogwIKgYKBKy6sQLaDBAKChCw8sDJ1NSI5hMSAgEDqg0CREXiDRMIoaz33NHogwMVW5ODBx3joAT82BML0BUB4hYCCAH4FgGAFwE&sigh=Fp2TM8R9iJ8&cmd=Ch1jYS12aWRlby1wdWItOTUwNzczNjI3OTkxMTkxNhAAGAI&label=video_skip_shown&ad_mt=5249&acvw=sv%3D960%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D958,1250,1155,1600%26p0%3D0,0,0,0%26p1%3D958,1250,1155,1600%26tos%3D4483,200,0,200,201%26mtos%3D4483,4683,4683,4883,5084%26amtos%3D0,0,0,0,0%26mtos1%3D3155,200,401%26mcvt%3D4683%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5299%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1426%26pst%3D416%26dur%3D15000%26vmtime%3D5249%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26cs%3D50336019%26c%3D1%26c0%3D0%26c1%3D0,1,1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1328,1328,1328,1328,1328%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26femt%3D13307%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D24,1,0,1,1%26avms%3Dexc%26qi%3D245083631%26psm%3D-2147483585%26psv%3D62%26psfv%3D62%26psa%3D0%26pnmm%3D1705639337588%26ptlt%3D1705639356399%26pngs%3D9s,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5084%26ss0%3D0%26ss1%3D0,0.03,0.03&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1705639350953&sdkv=h.3.613.0&vci=CnEIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwMTcyNjY2NjIyMDIMNjYzMjYxMjMzMjY0QM4BUikI0A8QDyUAAKBBKAE6C3F5anFNaWd6R0RjQglnb29nbGVhZHNIlAFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
818 B 34ms
33ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=368&height=207&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1705639357565&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1589&pt=2046099043&tz=60&viewable=true&ddast=V8RYkCLAaMWtHvRj_U2xIYtaLfjX6oty0AAABgYED8AInYHI7FcDRZizwm31q0m63cCpNx5dasTIvVyrhbOTeuISARm8OxGI4ma5HH5FuLdrOVW2EyrtyalWmxWhl3K-fGNQUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYhaDodPte9XvKyPT2nh89hdppdrrvO7Lf47Rq_2y8HAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81AEBxYDjX3fqyGx2uz8vuDwAAAAAgAAAAAEgAFPCelgBQ8Zk58f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM2SXe7Q6EV-MgUkBZhBEAAAAAWdHowyOTdIKKRZX___9-KwBXAAACGkEMtNGy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GiMjMLE0QCwCAml9AAIA1v4AAAGzGDQDAGwE4QYegFYPB6ijEbjhb7Eaz5Wh2AAAAAO78____6wGhicWyHBmHi93E5tpYPCbXaLNyeUa-wcpjcc483uMs7FxUxCzt3SdDWGa_7yDku12Gh89lEBVdb4vd4TR77mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMlggCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5DCvDbrNxa3Yb21q0mUzcytnGs9aMXKPRYOVybXYzt-j1MX0cnuFmMtwiwYCUvUieFulE5fGYFsPJxLWYbGyb5WY3861WFs_G5LE5HKPNwiKWaE4W6UR22ZcmFstyZBwudhOba2PxmFyjzcrlGfkGK4_FOfP4Ww7DyrDbbNya3ca2Fm0mE7dytvGsNSPXaDRYuVyb3cwten1MH4dnuJkM943dYDXbLDeb2b6xG6xmm-VmM9t3mEzP1OdsFA7NKY_NMKxNI06b06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7buKcYvnyOzzjkNIgNBkUsEVykE5XJafpbHj6z3-J36xxmp9nluoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jh9gN54rZZC4ZLOeKzWqVAAAAAAAAAAAswTTTTQAAAACcDGa3Wu5W63Qgu9lwtFktF4DEH6kuYBAAAAAAAIBdcpEBp4zl1nDFGnuMokxO09_y8Jn9Fr9b5zA7zS7XlQFIuIky2-wzglir1bIGAAAggA0AACCAm268CQiz4v7____HAQAACJBDDwAAQHwfEBVa1HqhBy6_gVYN9g9AhVir1ep2Y61WK2ABTUa72QT-____E_z_______93LggAAAAAAKAjYxAAAAAAAABHBg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2768435&dpubid=375975&abtst=adxsub-out_vA!adxsub-out_vB!aniviewPrebidInteg_vB!iiqwfcontrol_vB!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Frevistagalileu.globo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8aa71b4d4d4f0dc2e873b4737e53a3978c1f91a50fb1e0b8aba0cc03dd9e6929

Request headers

Referer: https://revistagalileu.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:37 GMT
content-encoding: gzip
server: nginx
machineid: 1453
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://revistagalileu.globo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D445 42 B
64 B 48ms
48ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjoQ1tv2pZcrrLtumjuwP48GS4A_Tku-odeyL0c3BEfy1g534ChABIL-DvJcBYJWCoIKwB6ABw_-LywPIAQGpAgGOKEV9P7I-4AIAqAMBmAQAqgScA0_Qp4rByXSrgGxDyQR4s1pKwB0iwrH40dRZ1smHsNcro6vsWjw-JGVIbHGnk8wXMFqJgNJli1GqWa2JKZMMPb6whoJy0ngiNx7SvIMQ_Ks4GZ1mfzDDDOxiOuG8vAOygeiBSbb7uUGB_kg9SbR0fs5m1_3UEMaU6n7Hs4_0rBmSRLmPxVcQoO-OLUh13LxoDNSbQO-A3YCX2YCWi8xJTMhyiU_jizVXL7SDwGe6n3liXpuROk5trcL3WK4RbP6IY7nFrGzrX356_vnf1x9MHGcU4SFlcIAJhTaVk8uxjFR7HQUAba4nly_n8Ud-LcJxGAZgtHaeHXrN-64vUomU3QBQNl1___PbaCtPhzFmRKS3uajHhgadpNuAEMN3CBM0Druh3AO76-F3dnbiu0tZHxX_zzkxERW9zb8c9GMnUR1WkELdoX-vb-zq0LELwP8xgjbH8byNyAVdna5R2zexj1hPf3kN1tC93Eo7pW8qq69PRmlEAZIDCN4zen3hbFR8nBSTuzTBe-L4upvrzQYlqKVkw38TaMPbUgH5gRzABLfoyd-4BOAEAYgFnuSe80qgBlSAB5-CyTWoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAcBABGB0yAusCOgKAQEi9_cE6WJj99tzR6IMDgAoDyAsBogwIKgYKBKy6sQLaDBAKChCw8sDJ1NSI5hMSAgEDqg0CREXiDRMIoaz33NHogwMVW5ODBx3joAT82BML0BUB4hYCCAH4FgGAFwE&sigh=Fp2TM8R9iJ8&cmd=Ch1jYS12aWRlby1wdWItOTUwNzczNjI3OTkxMTkxNhAAGAI&label=videoplaytime50&ad_mt=7640&acvw=sv%3D960%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D958,1250,1155,1600%26tos%3D6874,200,0,200,201%26mtos%3D6874,7074,7074,7274,7475%26amtos%3D0,0,0,0,0%26mcvt%3D7074%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7690%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2031%26pst%3D416%26dur%3D15000%26vmtime%3D7639%26dtos%3D3719%26dtoss%3D3%26dvs%3D3719%26dfvs%3D3719%26dvpt%3D3719%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50336531%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3719,3719,3719,3719,3719%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26femt%3D13307%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D35,1,0,1,1%26avms%3Dexc%26qi%3D245083631%26psm%3D-2147483393%26psv%3D254%26psfv%3D254%26psa%3D0%26pnmm%3D1705639337588%26ptlt%3D1705639358790%26pngs%3D9s,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7475&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1705639350953&sdkv=h.3.613.0&vci=CnEIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwMTcyNjY2NjIyMDIMNjYzMjYxMjMzMjY0QM4BUikI0A8QDyUAAKBBKAE6C3F5anFNaWd6R0RjQglnb29nbGVhZHNIlAFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 04:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 aclk
www.googleadservices.com/pagead/ Frame D445 0
0 65ms
25ms Fetch
text/html 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googleadservices.com/pagead/aclk?sa=L&ai=CDTjLtv2pZcrrLtumjuwP48GS4A_Tku-odeyL0c3BEfy1g534ChABIL-DvJcBYJWCoIKwB6ABw_-LywPIAQGpAgGOKEV9P7I-4AIAqAMBmAQAqgSfA0_Qp4rByXSrgGxDyQR4s1pKwB0iwrH40dRZ1smHsNcro6vsWjw-JGVIbHGnk8wXMFqJgNJli1GqWa2JKZMMPb6whoJy0ngiNx7SvIMQ_Ks4GZ1mfzDDDOxiOuG8vAOygeiBSbb7uUGB_kg9SbR0fs5m1_3UEMaU6n7Hs4_0rBmSRLmPxVcQoO-OLUh13LxoDNSbQO-A3YCX2YCWi8xJTMhyiU_jizVXL7SDwGe6n3liXpuROk5trcL3WK4RbP6IY7nFrGzrX356_vnf1x9MHGcU4SFlcIAJhTaVk8uxjFR7HQUAba4nly_n8Ud-LcJxGAZgtHaeHXrN-64vUomU3QBQNl1___PbaCtPhzFmRKS3uajHhgadpNuAEMN3CBM0Druh3AO76-F3dnbiu0tZHxX_zzkxERW9zb8c9GMnUR1WkELdoX-vb-zq0LELwP8xgjbH8byNyAVdna5R2zexj1hPf3kN1tC93Eo7pW8qq69PRmlEAZIDStwS6JJJuVjjSS9lElME-vLdsDbh4x7_ThQDBvSuR-_Dv4w0jYNDhXbABLfoyd-4BOAEAYgFnuSe80qgBlSAB5-CyTWoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAcBABGB0yAusCOgKAQEi9_cE6WJj99tzR6IMDmglIaHR0cHM6Ly93d3cubWFnaWNsaWZlLmNvbS9kZS9kZS9jbHVidXJsYXViL3R1ZXJrZWkvbWFzbWF2aS9jbHViLWRldGFpbHMvsQlvtAHlWD3vCYAKA8gLAdALDuALAaIMCCoGCgSsurEC2gwQCgoQsPLAydTUiOYTEgIBA5oNAQ6qDQJERcgNAeINEwihrPfc0eiDAxVbk4MHHeOgBPzYEwvQFQHiFgIIAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIyp743NHogwMVW5ODBx3joAT8EAEYASAAEgIVsfD_BwE&num=1&cid=CAQSOwAvHhf_WtR3wCWKGpXeqY3nIeMqw1wti6Y74YkbcgMqbEn3gyjtNHFDAP2C-YJs8YTbny_2b2sD9oV1GAE&sig=AOD64_3DmmgYX2d-tVM-WAhVTG9kARzsqw&client=ca-video-pub-9507736279911916&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ctype=110&label=video_10s_engaged_view&ad_mt=10030&acvw=sv%3D960%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D958,1250,1155,1600%26p0%3D0,0,0,0%26p1%3D958,1250,1155,1600%26p2%3D958,1250,1155,1600%26tos%3D9265,200,0,200,201%26mtos%3D9265,9465,9465,9665,9866%26amtos%3D0,0,0,0,0%26mtos1%3D3155,200,401%26mtos2%3D3719,0,0%26mcvt%3D9465%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10081%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2641%26pst%3D416%26dur%3D15000%26vmtime%3D10030%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26cs%3D50336531%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2391,2391,2391,2391,2391%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26femt%3D13307%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D47,1,0,1,1%26avms%3Dexc%26qi%3D245083631%26psm%3D-2147481601%26psv%3D2046%26psfv%3D2046%26psa%3D0%26pnmm%3D1705639337588%26ptlt%3D1705639361181%26pngs%3D9s,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,9866%26ss0%3D0%26ss1%3D0,0.03,0.03%26ss2%3D0.03&gv=%5BGOOGLE_VIEWABILITY%5D&nis=5&adurl=https://www.magiclife.com/hc_scripts/TrackIt%3Ftid%3D10252166C4491PPC%26hc_url%3Dhttps%253A%252F%252Fwww.magiclife.com%252Fde%252Fde%252Fcluburlaub%252Ftuerkei%252Fmasmavi%252Fclub-details%252F%253Futm_term%253Dmasmavi-paa%26dev%3Dc%26h_ext%3D0:0:20105901060:::%26pos%3D%26afee%3D%26amat%3D%26adid%3D%26alocp%3D9044730%26aloci%3D%26anet%3D%26apla%3D%26adev%3D
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.226 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 watchtime
www.youtube.com/api/stats/ Frame D445 0
0 21ms
21ms Image
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/api/stats/watchtime?state=playing&st=0&et=10&rti=10&cmt=10&rt=10&rtn=15&adformat=2_2_1&c=vast_gvp_ads&el=adunit&len=15&ns=yt&ver=2&vtype=gvp&cplatform=desktop&cpn=VcpNLTa9dah5ST8g&docid=qyjqMigzGDc&visitordata=CgtCWW5oZU96MTdhUQ%3D%3D&of=-_xhI4eL4MjOL53E0nwGhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENPgdrnS0YLXQb0klqKul1M&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

520 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

92 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
id.globo.com/auth/realms/globo.com/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 423e10f0-40a6-4044-9511-7d6da14e708a.mig-rhsso-cache-prod-hf44
id.globo.com/auth/realms/globo.com/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 423e10f0-40a6-4044-9511-7d6da14e708a.mig-rhsso-cache-prod-hf44
.onesignal.com/	1970-01-20 17:47:21	Name: __cf_bm Value: Fe.rLah6_3z3tpnA_7UQj8BHWW.hdx8zXH5cNS9rD3k-1705639331-1-AXVjFLbBhysrrJNMgKGgmPiStxECcG0a6cTpsui5d2QRgoyYRVIXjIqdRiiT4sXRdGikGzxVGzeFLQKX97iH8dc=
.globo.com/	1970-01-20 18:30:31	Name: pbjs_sharedId Value: 1bfa429a-53ce-4032-b503-46e38d865d1f
.globo.com/	1970-01-20 18:30:31	Name: pbjs_sharedId_cst Value: zix7LPQsHA%3D%3D
.globo.com/	1970-01-20 18:30:31	Name: _pc_randomCookieForPiano Value: cookieB
.globo.com/	1970-01-21 02:25:43	Name: cookie-banner-consent-accepted Value: false
.doubleclick.net/	1970-01-21 03:08:55	Name: IDE Value: AHWqTUlcvhXsfIEwGcRD2A4rjngBMY5Dncv4owfiNBMoTVkZpC1BG_XeZuThzjq3_GY
.globo.com/	1970-01-21 03:08:55	Name: __gads Value: ID=6e6379cab91ddc8c:T=1705639333:RT=1705639333:S=ALNI_MYie3UcEz76JSnc6an1QPNBLRljCA
.globo.com/	1970-01-21 03:08:55	Name: __gpi Value: UID=00000d43f2336993:T=1705639333:RT=1705639333:S=ALNI_MbupOiEsfoQiUUmjjTDX3Z37jJA-w
.adnxs.com/	1970-01-20 19:56:55	Name: uuid2 Value: 4162972127593965053
.casalemedia.com/	1970-01-21 02:32:55	Name: CMID Value: Zan9pREV6gV7G2XaGiiqFAAA
.casalemedia.com/	1970-01-20 19:56:55	Name: CMPS Value: 3195
.casalemedia.com/	1970-01-20 19:56:55	Name: CMPRO Value: 3195
revistagalileu.globo.com/	1970-01-20 17:47:19	Name: __adblocker Value: false
.criteo.com/	1970-01-21 03:08:55	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 03:08:55	Name: uid Value: a480b1b6-2f23-42e6-ae57-2de39fec54fb
.openx.net/	1970-01-21 02:32:55	Name: i Value: 9fb9c24d-db2b-4377-b471-df6c006db65b\|1705639335
.globo.com/	1970-01-21 03:16:07	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIBYB2AVgDYAjDy4AmQVz4AOESIEc%2BAThABfIA
.globo.com/	1970-01-21 03:16:07	Name: _pcid Value: %7B%22browserId%22%3A%22lrk5mef84hpi8cim%22%7D
.globo.com/	1970-01-21 03:16:07	Name: _pcus Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
revistagalileu.globo.com/	1970-01-20 19:56:51	Name: __pnahc Value: 0
.globo.com/	1969-12-31 23:59:59	Name: ___nrbic Value: %7B%22previousVisit%22%3A1705639335%2C%22currentVisitStarted%22%3A1705639335%2C%22sessionId%22%3A%222eeea770-cff1-43b6-a7c4-54ba9b76bbb8%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//revistagalileu.globo.com/%22%2C%22referrer%22%3A%22%22%7D
.globo.com/	1970-01-20 22:09:20	Name: compass_uid Value: 22107d1f-695a-4072-8d90-793332ee9760
revistagalileu.globo.com/	1970-01-20 17:47:21	Name: _gada_ses.cf1c Value: *
revistagalileu.globo.com/	1970-01-21 03:23:19	Name: _gada_id.cf1c Value: a8fb2d3c-3a79-4846-9aad-024e45cd5d19.1705639336.1.1705639336.1705639336.62b63b07-f0c6-41b5-95cb-bdf2e178e674
.adnxs.com/	1970-01-20 19:56:55	Name: icu Value: ChgImJt4EAoYASABKAEwp_unrQY4AUABSAEQp_unrQYYAA..
revistagalileu.globo.com/	1970-01-20 17:48:45	Name: privAu Value: 0
.rubiconproject.com/	1970-01-21 02:32:55	Name: khaos Value: LRK5MEEH-1G-FS7S
.rubiconproject.com/	1970-01-21 02:32:55	Name: audit Value: 1\|naVuGyos1qqPnJ/Od/jHrS+IXqvPVzt4X6LBWwGzep2k2NKlEueGiN2wrJc1f5lg95SjdM/2KSREYesmQ06uexvIbAFcYQh8SBx2P3in8zMkrVk1P3GZAyKPLRELhl3xIo8tEQuGXfGma+WVcS1g3g==
events.newsroom.bi/	1970-01-20 22:06:31	Name: 1464_u Value: 22107d1f-695a-4072-8d90-793332ee9760
events.newsroom.bi/	1969-12-31 23:59:59	Name: 1464_s Value: 2eeea770-cff1-43b6-a7c4-54ba9b76bbb8
events.newsroom.bi/	1970-01-20 18:30:31	Name: 1464_lv Value: null
events.newsroom.bi/	1970-01-20 18:30:31	Name: 1464_ut Value: 0
.piano.io/	1970-01-20 17:47:21	Name: __cf_bm Value: qPCyjykJWr1eQ4DJUBHzz0eonkhezc3byFeo1dP_BlQ-1705639335-1-ARuXrC/bZEFF7Ww1gLFK/hms20U9akq9HfrMLjJl9cPbUMUmDDbnNGsuyNYaFfeXtCmjy0Vrj3cLBQSx57wRdH0=
.globo.com/	1970-01-21 03:23:19	Name: __tbc Value: %7Bkpex%7D1ce8kAvXBHPBFwHUJ865DjEAghBUBIPAfzb6CRDFxujOfe97V6sqLXT1dCNQV9W9
.globo.com/	1970-01-20 18:30:31	Name: __pat Value: -10800000
.globo.com/	1970-01-20 17:48:45	Name: __pvi Value: eyJpZCI6InYtbHJrNW1lZmNmMzJycWVmdiIsImRvbWFpbiI6Ii5nbG9iby5jb20iLCJ0aW1lIjoxNzA1NjM5MzM1OTgwfQ%3D%3D
.globo.com/	1970-01-21 03:23:19	Name: xbc Value: %7Bkpex%7D3Dt3O127Wd7a-nG91mrvorcRyBIuOaKw5axsemWKzLEt_YSnwRrrsVpd3IXIqqRtUF9HtJwA-dhqJBTE0WKXHNL4J4dJRnCGtCjgpSKfiV2VaKS7rwSsy1Blspwot1wEEllyb0h9SKVOc0lmO-CLEwWHcWNMCEVjlEJPT64Ta5ixswoId8HjugFKaR979g_3gEtW1e5jyDhkiOjNRJzvTiWsoJLyXT5qzgzYoZAxqxqZ3fHycoTNphNJfFldxPChznS-_Otc0UIGqyFw_EspnO4dp66qC3BpFt18ZSALMlfai3ig9M1q8k-Wma0T-S-dN7gmgHQE2PfWNZEUV5Pvn2MY1_bAu7J6YXIDf3f2ncNWA7U0ZYH1-cbOA_TpmaEE
.globo.com/	1970-01-20 19:56:55	Name: _fbp Value: fb.1.1705639336044.485419416
.tinypass.com/	1970-01-21 03:23:19	Name: LANG Value: en_US
.globo.com/	1970-01-21 03:16:07	Name: cX_P Value: lrk5mef84hpi8cim
.tinypass.com/	1970-01-20 17:48:45	Name: LANG_CHANGED Value: en_US
.cxense.com/	1970-01-21 02:32:55	Name: gckp Value: cx:3twcyxehmwmcc1nga4qpehmdsv:19tj91ygx6rfx
.globo.com/	1970-01-21 03:23:19	Name: _ga_J1Q87VHPK9 Value: GS1.1.1705639335.1.0.1705639336.0.0.0
.globo.com/	1970-01-21 02:32:55	Name: nav13574 Value: 13fe6cb742e6c86e1b02a9966b10\|2_20
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: kq4abQVJbT4
.youtube.com/	1970-01-20 22:06:31	Name: VISITOR_INFO1_LIVE Value: s7gFDXoN5yk
.doubleclick.net/	1970-01-20 22:06:31	Name: APC Value: AfxxVi6_61ZKCbB68XE1uBy2Q4XlG5WYbeYbYJxC0_zoQ3MGBvjohg
revistagalileu.globo.com/	1970-01-21 02:32:55	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Dea0e073c-37c6-432b-96c3-3d5440ee537f-tuctca38328
.navdmp.com/	1970-01-21 03:23:19	Name: nid Value: 13fe6cab26a2e7ba48ee1f52b110\|0\|49
.globo.com/	1970-01-21 02:32:55	Name: nav46169 Value: 13fe6cab2621e59f0b53b8993410\|2_20
.globo.com/	1970-01-20 22:09:20	Name: permutive-id Value: d7eacda8-73ed-49b7-b787-48da19c973a5
.globo.com/	1970-01-21 03:16:07	Name: cX_G Value: cx%3A3twcyxehmwmcc1nga4qpehmdsv%3A19tj91ygx6rfx
.globo.com/	1970-01-21 03:23:19	Name: _ga Value: GA1.2.2089446785.1705639333
.globo.com/	1970-01-20 17:48:45	Name: _gid Value: GA1.2.1033742940.1705639337
.globo.com/	1970-01-20 17:47:19	Name: _gat_UA-3612842-1 Value: 1
.krxd.net/	1970-01-20 22:06:31	Name: _kuid_ Value: QC1yM5K4
.globo.com/	1969-12-31 23:59:59	Name: GLBEXP Value: AOM8xjDok5KDjp2BND+oWhUCA0Yze6aY7tUerEAnlL4=
.d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/	1970-01-20 19:58:21	Name: pxid Value: db0bd498-b64b-4b8a-b682-4b90d3a166fb
.ctnsnet.com/	1970-01-21 02:32:55	Name: cid_7c9867ae9ad4479cbfead5e0102addf6 Value: 1
.ctnsnet.com/	1970-01-21 02:32:55	Name: gid_CAESEAD5IQeBc9ReFa2RDYmj4Y8 Value: 1
.travelaudience.com/	1970-01-21 03:19:00	Name: _tracker Value: %7B%22UUID%22%3A%22636B388F-002A-47D7-38FA-FCDEC05AAFA0%22%7D
.lijit.com/	1970-01-21 02:32:55	Name: ljt_reader Value: IA_6rGZH5p4odlTfTd6HgM2L
.adform.net/	1970-01-20 18:31:57	Name: C Value: 1
.adform.net/	1970-01-20 19:13:43	Name: uid Value: 2074177000875548185
.globo.com/	1970-01-21 02:33:16	Name: glb_uid Value: tdWbCiHKGo1nlG74LuSp4XqzyaXD92S-O4onlK8xJeM=
.globo.com/	1970-01-21 02:33:16	Name: kppid Value: 25312725118222823421087
.globo.com/	1970-01-20 17:47:21	Name: hsid Value: 3c2889e0-cadf-4da7-bb98-675791832d66
.blismedia.com/	1970-01-21 02:32:59	Name: b Value: 65A9FDA97B534C3FA168DE72BLIS
.adnxs.com/	1970-01-20 19:56:55	Name: anj Value: dTM7k!M4.FCxrEQF']wIg2E?glaK(=!fsuh(w@uGnb.s-Z=4.Sr0$EWq?LX.*zZ'LALN^J^6V.#X/>_O.1g)ltd:ufGdD0[%p[s>%q)3RI3vWK
.ads.stickyadstv.com/	1970-01-20 18:07:28	Name: uid-bp-30833 Value: 1
.ads.stickyadstv.com/	1970-01-20 18:30:31	Name: UID Value: 1df4fa137d2d292eec8bdf6eeb948a8
revistagalileu.globo.com/	1970-01-20 17:47:21	Name: tt_c_vmt Value: 1705639339
revistagalileu.globo.com/	1970-01-20 17:47:21	Name: tt_c_c Value: direct
revistagalileu.globo.com/	1970-01-20 17:47:21	Name: tt_c_s Value: direct
revistagalileu.globo.com/	1970-01-20 17:47:21	Name: tt_c_m Value: direct
revistagalileu.globo.com/	1970-01-21 03:23:19	Name: _ttuu.s Value: 1705639338703
.tt-12842-2.seg.t.tailtarget.com/	1970-01-20 18:30:31	Name: trk Value: FDOI1jztQ4yKh9Bvi44++CAo+zFQL/lmH8KU2Lvql7Y=
.t.tailtarget.com/	1970-01-20 17:50:12	Name: _ssc Value: y
.t.tailtarget.com/	1970-01-21 02:32:55	Name: u Value: fwAAAWWp/aowfAbcFWe1AgB=
revistagalileu.globo.com/	1970-01-21 02:32:55	Name: tt.u Value: 0100007FAAFDA965DC067C3002B56715
.t.tailtarget.com/	1970-01-20 18:30:31	Name: ttbprf Value: _frankfurt am main_hesse_de_1705639339003_2997014919
.t.tailtarget.com/	1970-01-20 17:47:21	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 18:30:31	Name: ttnprf Value:
revistagalileu.globo.com/	1970-01-20 17:48:45	Name: tt.nprf Value:
.tt-12842-2.seg.t.tailtarget.com/	1970-01-20 17:47:22	Name: ttca Value: CA18873_1705639339
.t.tailtarget.com/	1970-01-20 18:30:31	Name: n Value: 1705639339
.globo.com/	1970-01-21 03:08:55	Name: cto_bundle Value: _rzO7F9yT1dJWmdPVUZNRTR4NElINUV5dGIlMkJlalFtRW9GcW9yeXV4ZyUyRkJjaGIwWUplaFAydCUyQjVyamVFTlN3dHV4eUtiZWNqZ2Q4MmFna0Ntb3hHdkxzeEVMZFpRcEFZbDMzSDhqOVltJTJCZ2hOaXJhWVg0WSUyQkhUJTJCUXAyWDUxWkswMW5MMVB3eU44S1hYd00waGhFODl4SlJiTGclM0QlM0Q
.globo.com/	1970-01-21 02:32:55	Name: FCNEC Value: %5B%5B%22AKsRol8RDNJ2khrj7zFAlzj6LTzcDiLHh16gyFKBOc1XxH5x5jFVKAIPCWXnFm0iajwGcKl8y-caYExn9c2PJoPS8cfHrEU__LPfTcC56xhgKg-peB2aL7-NoVb6ihFfIYvBM5aulcPIS8Jpu1ftCGy20NUwRb3fUg%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%226%22%5D%5D%5D
.globo.com/	1970-01-20 22:09:20	Name: ___nrbi Value: %7B%22firstVisit%22%3A1705639335%2C%22userId%22%3A%2222107d1f-695a-4072-8d90-793332ee9760%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1705639335%2C%22timesVisited%22%3A1%2C%22userType%22%3A0%7D
.adnxs.com/	1970-01-21 03:23:19	Name: XANDR_PANID Value: hfSPVsaLLsdqCJ8AHf_06WiUFkVD5Ftcmffc8isEQ0e9qq___yx9p6qBMoKsZTY1EfmdUDQ2Mxbvn0_z3qoKSPA3CYDO810aMC3eUlHB9AQ.

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://revistagalileu.globo.com/(Line 307) Message: Error: <svg> attribute height: Expected length, "auto".
rendering	error	URL: https://revistagalileu.globo.com/(Line 307) Message: Error: <svg> attribute width: Unexpected end of attribute. Expected length, "".
rendering	error	URL: https://revistagalileu.globo.com/(Line 307) Message: Error: <svg> attribute height: Unexpected end of attribute. Expected length, "".
rendering	error	URL: https://revistagalileu.globo.com/(Line 307) Message: Error: <rect> attribute width: Unexpected end of attribute. Expected length, "".
rendering	error	URL: https://revistagalileu.globo.com/(Line 307) Message: Error: <rect> attribute height: Unexpected end of attribute. Expected length, "".
network	error	URL: https://buy.tinypass.com/style.css Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cdn.tinypass.com/api/tinypass.min.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://buy.tinypass.com') does not match the recipient window's origin ('https://revistagalileu.globo.com').
network	error	URL: https://buy.tinypass.com/checkout/template/style.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://buy.tinypass.com/checkout/template/style.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENPgdrnS0YLXQb0klqKul1M&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 507) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
deprecation	warning	URL: https://revistagalileu.globo.com/ Message: The keyword 'push-button' specified to an 'appearance' property is not standardized. It will be removed in the future.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

447cb2da82f7b44d9e8f24dfa0eb2671.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ads.rubiconproject.com
ads.stickyadstv.com
ads.travelaudience.com
am-match.taboola.com
am-trc-events.taboola.com
am-wf.taboola.com
ap.lijit.com
api.permutive.com
b.t.tailtarget.com
barra.globo.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
buy.tinypass.com
c1.adform.net
c2.piano.io
cdn.cxense.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.navdmp.com
cdn.onesignal.com
cdn.permutive.com
cdn.polyfill.io
cdn.prod.uidapi.com
cdn.taboola.com
cdn.tinypass.com
cdnjs.cloudflare.com
cds.taboola.com
cm.g.doubleclick.net
cnt.trvdp.com
comcluster.cxense.com
connect.facebook.net
csi.gstatic.com
d.tailtarget.com
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co
dclk-match.dotomi.com
dmp.t.tailtarget.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
esp.rtbhouse.com
eus.rubiconproject.com
events.newsroom.bi
experience.tinypass.com
experiences.mrf.io
fastlane.rubiconproject.com
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
gadasource.storage.googleapis.com
gcm.ctnsnet.com
globo-ab.globo.com
go.trvdp.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
ib.adnxs.com
id.cxense.com
id.globo.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
img.onesignal.com
imprammp.taboola.com
invstatic101.creativecdn.com
ivccf.ivcbrasil.org.br
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onesignal.com
onetag-sys.com
p.glbimg.com
p.trvdp.com
p1cluster.cxense.com
pagead2.googlesyndication.com
pips.taboola.com
pm-widget.taboola.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prg.smartadserver.com
pubads.g.doubleclick.net
region1.google-analytics.com
revistagalileu.globo.com
rr5---sn-4g5lzney.googlevideo.com
s.ad.smaato.net
s.amazon-adsystem.com
s.glbimg.com
s.seedtag.com
s.trvdp.com
s0.2mdn.net
s2-galileu.glbimg.com
s2.glbimg.com
s3.glbimg.com
sb.scorecardresearch.com
sdk.mrf.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.infoglobo.com.br
stats.g.doubleclick.net
stg.truvidplayer.com
sync.inmobi.com
sync.search.spotxchange.com
sync.teads.tv
t.tailtarget.com
tag.navdmp.com
tags.crwdcntrl.net
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
tt-12842-2.seg.t.tailtarget.com
ups.analytics.yahoo.com
us-u.openx.net
usergate.globo.com
usr.navdmp.com
v.trvdp.com
vidanalytics.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
www.youtube.com
x.bidswitch.net
sync.search.spotxchange.com
141.226.224.32
141.226.228.48
141.94.254.117
141.95.98.64
142.250.184.230
142.250.185.226
143.204.215.89
143.204.98.108
151.101.129.108
151.101.193.44
167.235.124.60
172.217.16.194
172.64.151.101
18.173.233.75
18.245.31.106
18.245.31.27
18.245.60.53
186.192.81.117
186.192.83.2
186.192.91.5
186.192.91.9
198.47.127.19
2.19.104.4
20.127.253.7
2001:4860:4802:34::36
201.7.177.250
216.52.2.16
23.56.202.187
2404:6800:4004:818::2003
2600:1f13:800:7782:ed8d:a1dd:8f8c:a667
2600:9000:211e:ac00:1b:5138:8a40:93a1
2600:9000:223f:8000:8:48e:53c0:93a1
2600:9000:2250:ae00:a:e047:753:a221
2602:803:c003:200::51
2606:4700:10::ac43:266a
2606:4700:3030::6815:4222
2606:4700:3033::6815:325a
2606:4700:3033::ac43:9fa2
2606:4700:4400::6812:29aa
2606:4700::6810:5714
2606:4700::6810:ff3
2606:4700::6811:190e
2606:4700::6811:7711
2606:4700::6811:c276
2606:4700::6812:b07e
2606:4700::6812:d63b
2606:4700::6812:d73b
2606:4700::6812:dff8
2607:ae80:4::25
2a00:1450:4001:1b::a
2a00:1450:4001:800::201b
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:480:ba2::268b
2a02:fa8:8806:16::1400
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::282
2a05:d018:d29:3601:fb9e:de5f:307d:4267
3.75.62.37
34.102.146.192
34.102.185.99
34.107.254.252
34.110.201.227
34.120.135.53
34.149.50.64
34.151.224.123
34.192.191.169
34.209.32.186
34.251.209.93
34.95.229.88
34.96.105.8
34.96.70.87
35.186.193.173
35.190.0.66
35.190.39.111
35.198.44.170
35.201.123.184
35.211.79.33
35.241.9.51
35.244.159.8
37.157.5.132
37.252.171.52
5.196.111.64
51.89.9.253
52.209.60.100
52.223.40.198
52.29.17.70
52.46.143.56
54.194.101.149
54.93.105.182
65.9.66.97
69.173.144.139
95.101.149.233
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03ef6981e03fb356cc693b884356883c0d25a62141465d8068f6a95d3d41b31c
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
06469997eb708258fe636781e8829c5b4613c21047aa6a66fe38b076d9b72848
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08a4dc20042a1c4c325dffa3498da910b66f8a1f7a246702eb1a4f4b75268605
09088724c279c63fb21bb8c0576f4b30f94b2f78e5257e037460c14cba9d01bf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce49c63580738406cf9dde96aca7fd4590b863d0206d274178765078ba47049
0da65befc5b7f0ebacb715dbee879ee4d0b91ba770991c67e924763d5c297c59
0e871d0f41eb74ab9b98534f4bc1d3baa2f4d1860d3f263c194bf00ca8ad025c
0ee946d183195f612c831375e931a39e7ad2413bc8ef83fe6b333ee12931f39b
102cd25fc6789b28bf4d85183c57014407b4cd483ee7d28b0cf63dc85d40804c
103e1a798d685441cce9f8bc04271bf60122e8ac367eced7d31750c0266cd216
11375ca575ab8a7a1dc2199c55b58cbbb261877748897ea459d606b7e5530afe
11ec3ad538e5c6ac9cc7021f27ed9aff481fb0d207590a75ab99ce1fcc590e8e
12686c7a9b51939d15ea095df5230cb48b99036a3462a6656c68daf2622968f0
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
138d7e873acb759e2abff7f865b8711ce893331bd525bd246026bdb8b0d5fb33
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
152d0e416615dd7eba52435b266c57f36fcb12d21c51b27aac49c1c5a5b6da7f
15a2c119963d6bf7f267006258b5ee21f4c9515a368d3988bd9992e9324effc5
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5
171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19
176bc582549497027595daa8723974b4e3f454c5767079029331d62ebe7e5e26
18cca46c1672de22ec6b3da0b7a9b5a5fe07bb5b88107873fd52905a0e0a462a
1d00ab80903ea23ebb7a0ba54d171d39a76c6adf2f2710d454e9a33a8456e1f9
1e2a445154069c046f1f43b6bdf7fea30e78e5b934e2d280bce82335f796baaa
1ff0395cc92cbc3ffc7d442bb90bc169481c0d7e673c00df27e96076f7db92e5
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074
210386e617b9dc6c08f6e7ac33b4339a900e42a48f8e19554f220db1bfb8f50c
216c8994eeb343b3588f234794df0cca8958d6c72b01b510b4156bc2d03a3840
223e97d3bb390ff95ac0ad68e06b3daf0eedc98943c49f54a3a262dc50f53280
23bb64c2e0dc8189415737a590dd0afce108427ee1d36ba2c1b149294aef20f4
24a56ab18d2755963fc4a8a546474068a380cd267a488b5f45f71e662f1ff6eb
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
2979681d00053ab9a0d0b5640e07c4a8726503a93268bb52ff5ac93632c21954
29de72896b6c83b67a67bbbdd8b125541784c50c892aea043f3e7409c7899dbc
29fd2a36094c8ee9a274529a0f999f4d1bd4fa2d52e990ea394657774f0fc769
2ae2a894f033630d31cda16ee77cd402451826a8c5ad52a883a9a5a6f6c9ae99
2af921f96b618475ba87948891bf844483be715971a4d4b69c4b596afd6c1691
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2bbc8e859257b3bb052685f0a1ee727b99e8b57a04347a1f63e48a843468062e
2c3b6f49c70b516548420f7680c38239c0d551787dbf96a6a5108c91de8ab3b0
2ccab95ecf9ecc9b0ada62ac43ed8957f2086b25e1bda5390c5903d70b962c00
2d6532503517dc33a226156c4beecefadd88096a0af5d9d3ba3c082f2601f157
2d88b01f29aa42bce44cac586f901521aa8ae39715157f5898cb517be12e2e69
2da69c31da6ce551ea123d6e2ca0765e11559a6a00ec6592bb8454ce365ceaa1
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3328466a419a882471ab33ac36e8340f1ec0cb1da5589a4cd9667d738799c3c3
336ef5154a9c676d1b12e061f7fdd7e732bc3bffad24b5c565c3b9c5b9dc60f9
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a
34927c37c616dd87433b442f372954d7013234d770a90915782d9ab96d0eaf04
350c1d2b416cbb0eda468b944a566db3b5b11cf0021727b8684382ca7d25d53a
355312015b3a2297e4a30ae21402e963a545f5bf1ed1078563c24e59ba6f9080
35fc7cc61c8f3aaf490eb88db3846e0664874788df7780ce58a9c8d13d761fb7
364123bfeb9c735b8681b106b82dd807dabf24e8144e6d0a4e96d4decc2c1785
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38105aac42d1610743fba1feb58227a93739e52333b57597bd988ae71dad6353
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a9a9405da89d4a9d225dd74b87b0011415b870ea2e8a5a239d369dde3c78bbf
3aea1bac875f23d26b11fdad6c9047d2489d14faacd7e6eebd64b3a0e40f4294
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3d35430cbc5f5d47878a9e4863ae8a7323a6f7eff15f961341ac35215cacfd54
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405f393a4ee57fb23aff042dbcd2869beaa5f528cf4dadf5ccff90c7e331bba9
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41bf4686e95c371d9a68dd5f0258dad3e3c881e4916170c5bc4c9e6818a2ac17
41c77bec68165514049db9209058c8f98e5817c74f0442004275cf87e97d793a
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
43456e168e3c4717928fad99d671fcbef0ade59c9cf4abee8b96851dabd9413c
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44601a41eafe705822622907834d89bf2bc4a95da53b67ee9435f9b2b5d8b29b
45d09bfa255aa651245bfd157429a2e2f8476d422ec8db62ad3067d5185a311a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46fbda9a97367cc61046dd658da965a26275b1aa2ce7249a70fe1c53abd77396
47f0f7b5f1d27bc9c731cae83bf7a2ff5ef9ccd1b529976a9093ef6fae5868dc
485e152aac28b0615911c4ed670fd99bc1be4fa7f306c9c26732ce6f7a65395a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
498ff5bcb02c5289f93fa5c1003b15444d21227dfeda3fed903a78f43d82ac7d
4a798741ab5d1da30eb26d38311b6249de94034ccc610268901ef633098ad3e3
4a7dc1824d6328b8e203ac0aab008da84dae5b9a8627f185b57a2296d22b03a6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac
4dfb873913d3f2bd20882709fc484c8cd710be1176d63f238b923cab4954b9bf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692
4f9309b9d87fcd6073801d10f89047c2e4466e566abeb77767a30fb9f946dc05
4fd11fc9997413d84b25309688c9f8c7b73dfc4cc1a4e8d0242129d940f43564
4fe68ab4fb5127e4f658de7ff18e0ae8b89c6f5673f60e4588ab52fbc46455cd
507acc179bfa7c929b83831d028f83b5fa85a02c9426588657ece1da51ae6b43
5344cb498819bb08e8c4e1adf068df5fcbfba075a783d68ed0b9583d3390a774
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
5526de640b8a955cded2558243e36af335e7b0722c9ff1cc091d329b12a6eebd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e355a0f86d6f7fe3b0b20bb64ea0f01c1a846f732cb38a7c89f07bfea8b6fb
585ac96a5411bbc137440554c2c1ede75f336ca229e7dceec92554d53f65fa79
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
59edebe61ae8ae6b2e331e50bec4e8bff6197c073732a309cb9ecaf9e63e25a7
5a7b904806d5ea7ba0e46ccf5f1e8974da4312770a287cda18014508da70fb4d
5a8634d16ccd09a64b87a4e1302485cc6e50baf61e9907c669395e664e2c70d0
5afe98affdf49aa3bc7d6bf163f2bb26759f15df90322cb80e25b888d3afaa96
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5d27960219ae7e67a78dd8c91e3cedfb2646893bd4553c806830419931f80c2a
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0
5e17c7d6e5cb0e00c66dbf2e15e3c24c497204b761c469c6497a73c9278d3349
5e75e73b1392894815cbd0582866402ab67e43c839e5665b7789f55c783e0e13
5f3cc581dad157468071a31c4b7a4cf09837da6b22c5940a4e242b889da21196
5fcf7e991ef48b20b390f127445fc8d41a8ebb42c36518cf1b2ba6124365cefd
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
60f52d034d5da2c2451a148186beb02c2f464cfd53c5e8bf09c804d3ff1c6ce2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62023892994a076b2eca66194011febfcc294b8cd41084bd243bd97492f1c365
623ca1945ffa780caa18c39b5049941bd9a94428538cb8344cb565666ea18dff
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
630287c96a4053ce59fa2a4e86ec61cfccd5cb020092945999842e9bb6d86a1e
661b625eeb1c499651c0cdb261782607cb5314a802e89cb9565a1120ae370866
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463
68bad85318721e59323bc71cf782ddc43d626072cfbf5a666198dd44d93bcd52
68d0656d441b3f89bca9b47d53f7d5ff82324290779a2aeae4d6f759577b874c
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
69c4e682efd05e113f5e7801648cec8560068626c6f8f9f2bb5ca4dedfbb58f9
6a85e2cc5c1ed85af71770f23a2b1dba898cbae03207c50bec5b4a8c6c8e27ed
6ad112a46f1d5e0ba1a7298e264f40e186d1f4d111091197a1a7f0cbe09d09df
6b37c75dbc0ad1368622265600d903b3cf22d7dc64e6bdd07959c4a88c0474e6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c86a31c37afcc73acab5acf33237be17ed5b6ccf524fb37cddfd91a75a523d9
6d01a1013f2e1428beeb351111924257112a89e6150eac8fd84c00b7a84e69b8
6e92c5db60dfbacd8761bc9e07f287f29236d36c4c00cdb23f1a3e97be900564
6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0
6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991
6fd2f1ac788550f52e028edfb9b792841548b3e9e75cc4b34eac363ff15cf85a
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
736f6e1984864cd550b893298f3329985bf8aa251442ee1eea657c0dc398aa28
74b673d72b59d4fef0b570b4fdcbc1eecd834a87cbc4a281a16a219580ea6a63
755cc3365108c032a896d7b649e81a958a00fc6ab10f238c6f91558d6217fe6c
76d7ebaad0b4e2e7ee2d3f5de29687ebc4c2421c15637229eebbd5a7e52c18d8
77514c451e521ac4368a45b763c5a2bab6b9a31ca4b4c69538eda378b4180fce
775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4
77b204d1bb0ae1622ef8ef5ca7a1071c6e0777454f9c2f5ef859612cce97fff0
7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425
7aa4d5de5abdae4603540b48171e45742399584aa06f8ddefe4bdc547de20e35
7bc6a0e434e8739d5aade13e92ea5cd4b06d0f7a03fa4c56d9cdfb117dcdb350
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165
7f73b7bd2f95f7f086c8fd4b30dd9319cae31317d20ac4a8a72ebc36f8735337
7f757c66467ccfee3afad85175905468ec2994b09a26c3f7b8966d05834efc9c
7fcb60334e3a75bb9ee55518a322dcf7b43a66f0a1c7862de1936e86de915a2e
804c82c1f71019d6f077585d76d632a0359fffe3ef1c5b3a3cbfc80319b4aff3
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a06f5a3d11b80289a75fa46aaf06eabe8b62a43ae157675f10c90b15b9124e
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
858683a11966c02a6e8ae8e1f0b6438c243f9994a1376836f9a4b75a5b355c1a
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
862f4d37f897bda0352e73cad6f2cea5a5c42ace80b49fc86fd825888f263c0d
867443e84ec298e6c3b3009a7fdf5dff345332703b635efbf2407f75d29f0d2e
86e2a020d71b02648dc9707e69113e6db16e3bdbdabc7f4a6652de659b177b51
8730aafbdb6d03c6d4a37f76ebf8d504d5706fbae56686399a4b198981a0b6be
877c319b8a36e65249be764ce80ef3891edd45848ba3627b95c7499feb0be48d
8791270626b8a4fed6d34bc6cc2b10b5a682ce66d8b5016ed60fe711b5d2d016
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
8aa71b4d4d4f0dc2e873b4737e53a3978c1f91a50fb1e0b8aba0cc03dd9e6929
8b7c7be4a4fc51f92dbab683a20745614d6c642a619817edd9a3395da395b47a
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7
8bc00b3e1903a791e880efb21111f5bc7b06251ef12fb917fe87b2ba73645f9f
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d274cbcb1adfdd47aee13a07b199c9693bedb24c0f88452a05e47c7736aa707
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8951c6f69d1ea377f6c665d9db8b686687da95ed8cb449cd143b0bb40a7360
8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32
8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c
8f587c7a9634e7a272eeaf801dae7462585dd13eae5431d780ed9c9a23f00263
91e63df1ec370b26aa26b16053fb541e05eb5567dc4ef4e4b1662b68d6b9fda2
93d06f11db169b0c18ecdd02370819abf1841d0c7ed2ec2b8bff2627e62d5e42
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b255624c4aa0e44eb0e1f59f898e7ec4c3d91f6bf7ff7dd8ee51e791d55fb24
9e4531b9a55f15bf0bd5123a3eb9be0c88c1b0d42274e3a9710d48f87543a6af
9e535ddc1581b9d523dcb42e237101bfcd89efdc3398a076a421ff782b0544ef
9ef394107fe4abdc8cf901ce04a3b6b59f614a9db4f50c0f1683515fc81c80eb
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0065362396bca2ceb0618c832c6ef4392fbfc5c6e81f104531fbfa4c34a65a5
a03b95106083a9a0c3e7797983627487d10cc59a1a4d5b576aecb19464d9fc5a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2e27abb6b7eb21d99d37021c1100f2c6fdbc12eff318e61392211381bcf95af
a3d802214cdaf6276aa13b5b161820bbc80660cf9429124233334b07a2d7978e
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5fb71968c62c1e84aebf36c57c13a32cd43d2962a231708a5b0f8a1273d95ab
a64fbb08fa2bd716e5f8ff8328ae512c762adf8e67ac869147da83c5b58f783f
a75268acca1064d377254869ef57a291839c04dd129d50a849ab714c67a2d00a
aeb569139cb6bc35a99ae1ede1d2209d1cb7f82d630b0fbddb72881815028ed1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b05a91871061b8b814395fcf006175ca79239d50bfaa15c2cf114f5c99838583
b0fbc469229736bf6ec6519988f225c8bc4399749bd4660f673ee0c6180c47c5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051
b30e332b569a4d1d3e934db078b1548179ceb8de1c861f521f7c9f8c46433501
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b59d95c1e06a1f6e95dc2866e03eb15bc1b7aba96f38dbd418eea32922d941b8
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e
b9ab167fb4bf6ab63b9f20538f2a3ed1d5668ee7eef1ad6f0cda7441d752b5d6
b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd1895d50a87f4d2b5db14251238033dccb2e5ed5d894b20fa0af3833d2c8ba8
bdbc397d54ec38ac605c18ddc3a969e8901224191269bc0716a0e45c70576ead
bdbe9f6df71c07f837f4278c5e1cc6822db49fb3c78224c664260ee6bf63d5e4
bdd8a03d4f991abc68b26860acf789b9ab8b01bdb33b59a9f5861e68ca07f6b1
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
bf560df25103ef77bdb911273007f0d36073f368670e39c460ba11979303cd07
c0dfa41b2d4fa3807f0af808f79cfbad0375d767bbded26906bdefac0724a6a7
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c427399ea474cc67e9d961d717bb63e64bce4d85db8646953e505c768d9723c1
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
c60ef6ae63c65ef633b240c98cabe4d6998ba4e031887d6f6d1a84fea4532b14
c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b
c8611ae58033f2a9e522526698fa9b35c46b7fd0a76a114e7ef5db15820649d2
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caeb5824088e9c990dcdf8014148d7847d182bd06861142d0038ed7d0ac88bcb
cc6147e52ad7ec65a91af95923ede2c78311b5e77f515e15718b0f62646b943a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9a4c7791f8db5e49ef2ea4cf503514f28f9e8acd33360063bcfcd7bae7e7b0
d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514
d069a25e9362277eafb7aebfaae23274f37c7d55cbbbf2a02379b2b1d8955559
d0a3db7e5a3841414d7f0dc8e575a3c4b5d1a774a575352cdbed3630a10e57cc
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d103ddd3e1c450405dd77ad357a6fdfeda1524ae6fe7152b05f9318eecfa4d41
d223768c8c211c108349645cb062a9dcdb5456e9abc8c6a36eb06366db6fbd5a
d28775118345b5cfc54dd79b1078e55dffd99c5d1fe20c6b843047334ea5f66e
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d324e696d8eff869aba1a11fb57ee5ff41d486c1f4c0a4c41e70c705e8194cbd
d38c88689435e8dcb1c9c126961a9f63c490106e34730b88acee218f5b846ab9
d3c6640a777abfa183ce035e0028c7cb96f6bb1bb378f9d6d2b59fe03e9a6f28
d5261bd8dcd2efba733b553c2094fb263f0c5f1ffd9007140cce35c694858b15
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d67cacb7ec5eebf5b63f3ae3cb57462c203f4f0cb92d0f721cd062083920aa39
d6c7e6ad800fb94afd9cfaf6dd1ff4f2022b21cd80b4cda59cda258730ee86d1
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
d8d41ca2f2833d7f4c504e0f4c821514a1e3d36c6bce946a2241e06df0219c78
d994d5bf3c7ddcc8a233638164c7fb7c870c8ebad29096534c2fd9747fd18f41
d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7
d9e3eb7df3449a2197334b909b58e0f40ad7f1ae07814b08b8df833b30183244
db4754d31dce8cb57f3465ae442079e67cec3bb6937909a4e69f8bfa00bec548
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbb8a07ee2515780441105ea9114506a727116bccadf6094dfaa48ed01587bd3
dbea554bb1806a9a21b623107d57ec7f98c46f02125064a0d3959c8bd2f3f4f6
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
deec20c33558113e08cffdf1c4b8b2df7ce13dba16bb2412c5a1c936dcb4b4d6
dfb595fa9d59e407042401409891ee96ff3ff6b8c557e3f6a0e09165d8933b64
e0a1c83983c14963ae959a4276b9e026b79d14e7314be42dd495b1c0d179efda
e0fe83d875faf394978cd04227fb30838db2f4a9bd67e6862e6845c6eee1a09e
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e1f815d1f2baa15b4c0060ca33981c1aedc30410e6fd54269d3df7dacd324f
e3f422ae8bc9e4874e20a1d051cc2cde9a2e2f0e84d8a4ef84a82d90b3b5cc79
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e592f206e11271c92f3910969d4bb601d099ac579362bc4de65215286defea4b
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e63f6bb255a789ca87e68dbf09e81a22fa7842f6b11aae2538ddeddae4f4cb00
e640430fe2ccc31d8871dfea3286d1c1c3d90c0429d10720582d643887f7564c
e65cff7bba499edc520a19e75b9345ae503d4b73993a5873c1b3253bd80d134b
e7b46092fe3caa03c8ef57a96bc6645ff76473cfb84d67498e5e160232e64dc3
e81333f45f53e1b07a0588af84e1d03e7ce0a00f16d8d76d3140698155e15fe9
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8a5db64eeb55b75f6034451f736657b3794d57915b11336b19d5772ad182c6c
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
eb5264df06782a4b9c74398b0925234d7e7635dc7fd4ae909300af7e29dad5ea
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ec0d8435d5d30bc297e0b2db3f87fe8fc998b3440d56f33205e702c57a84443d
ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f067b016302662862dd78d7f9059546800c1fe165953e44205e75bf8df299207
f267b2d41f42be6f543c2a481df26c66a39010d6a61fb3b998fb6a70210ea31e
f39b0751b3838eeb4af072e5527745e762e8024eaa29514e855fb4dac78ab5e1
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4fadfc5db4372d911d7ad12c15ee0e5a6b5181b38b0c1d46d13e05a75034c14
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6dfc7a4b2d5174583d0decd3bd014f91345f6215e3bfbaf60513cc3173c5459
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7ab917c78e9a4eaacd4df4ac7ed66b415576f37b58336b390bd5e450d359ada
f838bdcceb22d60990ebc30b446e44c0e046ed3cb74ffb87dd7a896449d25d1a
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
ff0068ad1d649ca7cc3dfa949a7c83f980a7c7839600b95fac1d445fd0b50355
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

revistagalileu.globo.com Open in urlscan Pro 201.7.177.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

700 Requests

96 %HTTPS

45 %IPv6

70 Domains

143 Subdomains

107 IPs

11 Countries

10961 kBTransfer

27292 kBSize

92 Cookies

53 Outgoing links

Page URL History

Redirected requests

700 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

revistagalileu.globo.com Open in urlscan Pro
201.7.177.250 Public Scan

Screenshot
Live screenshot

Full Image

700
Requests

96 %
HTTPS

45 %
IPv6

70
Domains

143
Subdomains

107
IPs

11
Countries

10961 kB
Transfer

27292 kB
Size

92
Cookies

700 HTTP transactions
16 data transactions