blogs.oglobo.globo.com Open in urlscan Pro
186.192.81.15 Public Scan

URL: https://g1.globo.com/
Title: g1

URL: https://globoesporte.globo.com/
Title: ge

URL: https://gshow.globo.com/
Title: gshow

URL: https://globoplay.globo.com/
Title: globoplay

URL: https://www.techtudo.com.br/
Title: tecnologia

URL: http://www.globo.com/todos-os-sites.html
Title: todos os sites

URL: https://oglobo.globo.com/
Title: Logo O Globo

URL: https://ofertasglobo.oglobo.globo.com/garc/landing_oglobo/consumidor22/index.html?campanha=sim&interno_origem=siteoglobo&interno_midia=botao&interno_campanha=og_botao_topo_semcookie_cnsmdr
Title: Assinatura

URL: https://www.facebook.com/jornaloglobo
Title: Facebook

URL: https://twitter.com/jornaloglobo
Title: Twitter

URL: https://www.instagram.com/jornaloglobo
Title: Instagram

URL: https://login.globo.com/login/3981?url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Title: Entrar

URL: https://oglobo.globo.com/politica/
Title: Política

URL: https://oglobo.globo.com/brasil/
Title: Brasil

URL: https://oglobo.globo.com/rio/
Title: Rio

URL: https://oglobo.globo.com/saude/
Title: Saúde

URL: https://oglobo.globo.com/mundo/
Title: Mundo

URL: https://oglobo.globo.com/economia/
Title: Economia

URL: https://oglobo.globo.com/cultura/
Title: Cultura

URL: https://oglobo.globo.com/esportes/
Title: Esportes

URL: https://oglobo.globo.com/boa-viagem/
Title: Viagem

URL: https://oglobo.globo.com/rio/bairros/
Title: Bairros

URL: https://oglobo.globo.com/blogs/
Title: Colunistas

URL: https://oglobo.globo.com/epoca/
Title: Época

URL: https://oglobo.globo.com/podcast/
Title: Podcast

URL: https://oglobo.globo.com/videos/
Title: Vídeos

URL: https://oglobo.globo.com/fotogalerias/
Title: Fotos

URL: https://oglobo.globo.com/infograficos/
Title: Infográficos

URL: https://oglobo.globo.com/economia/defesa-do-consumidor/
Title: Defesa do Consumidor

URL: https://oglobo.globo.com/ultimas-noticias
Title: Últimas Notícias

URL: https://oglobo.globo.com/principios-editoriais/
Title: Princípios Editoriais

URL: https://kogut.oglobo.globo.com/
Title: Logo Patrícia Kogut

URL: https://oglobo.globo.com/ela/
Title: Logo Ela

URL: https://oglobo.globo.com/rioshow/
Title: Logo Rio Show

URL: https://oglobo.globo.com/clubeoglobo/
Title: Logo Clube O Globo Sou Mais Rio

URL: https://meuoglobo.oglobo.globo.com/
Title: Logo Meu O Globo

URL: https://extra.globo.com/
Title: Logo Extra

URL: https://infoglobosites2.secure.force.com/assinante/
Title: Portal do Assinante

URL: https://acervo.oglobo.globo.com/
Title: Acervo

URL: https://oglobo.globo.com/um-so-planeta/
Title: Um Só Planeta

URL: https://jornaldigital.oglobo.globo.com/
Title: Edição Impressa

URL: https://oglobo.globo.com/newsletter/
Title: Newsletter

URL: https://oglobo.globo.com/economia/cnc-noticias/
Title: Comércio em pauta

URL: https://oglobo.globo.com/rio/tem-no-rio/
Title: Tem no Rio

URL: http://www.facebook.com/sharer/sharer.php?u=https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

URL: https://twitter.com/intent/tweet?url=https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

URL: https://plus.google.com/share?hl=en-US&url=https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

URL: https://twitter.com/malugaspar

URL: https://www.facebook.com/sharer/sharer.php?u=https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3DFacebook%26utm_medium%3DSocial%26utm_campaign%3Dcompartilhar

URL: https://twitter.com/intent/tweet?text=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro&url=https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3DTwitter%26utm_medium%3DSocial%26utm_campaign%3Dcompartilhar

URL: https://api.whatsapp.com/send?text=Blog%20Malu%20Gaspar:%20Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html

URL: https://www.homeday.de/de/di/immobilienwert-jetzt-erfahren/?utm_campaign=0349_TB_RH_DT_GEHEIMTIPP_RECHNER_Calculator_202202_topcampaign&utm_source=taboola&utm_medium=display&utm_term=editoraglobo-oglobo&utm_content=3177251915&gclid=GiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCD6k0koorzevcWF0L6qAQ&taboolaclickid=GiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCD6k0koorzevcWF0L6qAQ&tblci=GiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCD6k0koorzevcWF0L6qAQ#tblciGiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCD6k0koorzevcWF0L6qAQ
Title: FAIRE PROVISION

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editoraglobo-oglobo&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Patrocinado

URL: https://oglobo.globo.com/politica/doria-se-reune-com-parlamentares-do-cidadania-em-brasilia-25424523
Title: Doria se reúne com parlamentares do Cidadania em Brasília

URL: https://oglobo.globo.com/politica/corretora-diz-que-lewandowski-nao-fez-proposta-por-imovel-de-abraham-weintraub-25424306
Title: Corretora diz que Lewandowski não fez proposta por imóvel de Abraham Weintraub

URL: https://oglobo.globo.com/politica/eu-dirijo-nacao-para-lado-que-os-senhores-desejarem-diz-bolsonaro-pastores-2-25424267
Title: 'Eu dirijo a nação para o lado que os senhores desejarem', diz Bolsonaro a pastores

URL: https://oglobo.globo.com/politica/em-carta-deputados-arthur-do-val-diz-que-punicao-por-fala-sexista-justa-mas-cassacao-de-mandato-excessiva-25424177
Title: Em carta a deputados, Arthur do Val diz que punição por fala sexista é justa, mas cassação de mandato é 'excessiva'

URL: https://oglobo.globo.com/politica/nunca-afirmei-uma-candidatura-presidencia-diz-rodrigo-pacheco-25424109
Title: 'Nunca afirmei uma candidatura à Presidência', diz Rodrigo Pacheco

URL: https://oglobo.globo.com/politica/moro-sugere-renata-abreu-como-candidata-do-podemos-ao-governo-de-sp-1-25424073
Title: Moro sugere Renata Abreu como candidata do Podemos ao governo de SP

URL: https://oglobo.globo.com/politica/bolsonaro-cancela-encontro-com-paes-vai-se-reunir-com-aliado-de-castro-na-baixada-fluminense-25424079
Title: Bolsonaro cancela encontro com Paes e vai se reunir com aliado de Castro na Baixada Fluminense

URL: https://oglobo.globo.com/politica/podemos-aceita-desfiliacao-de-arthur-do-val-25423925
Title: Podemos aceita desfiliação de Arthur do Val

URL: https://oglobo.globo.com/politica/alesp-sem-decoro-caso-arthur-do-val-mordida-transfobia-assedio-sexual-ate-xingamento-ao-papa-25423843
Title: Alesp sem decoro: caso Arthur do Val, mordida, transfobia, assédio sexual e até xingamento ao Papa

URL: https://oglobo.globo.com/politica/relembre-declaracoes-com-ofensas-as-mulheres-feitas-pelo-presidente-a-familia-bolsonaro-25423642
Title: Relembre declarações com ofensas às mulheres feitas pelo presidente e a família Bolsonaro

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editoraglobo-oglobo&utm_medium=referral&utm_content=thumbnails-b:Below%20Page%20|%20Card%201:
Title: por Taboola

URL: https://www.homeday.de/de/di/immobilienwert-jetzt-erfahren/?utm_campaign=0349_TB_RH_DT_GEHEIMTIPP_RECHNER_Calculator_202202_topcampaign&utm_source=taboola&utm_medium=display&utm_term=editoraglobo-oglobo&utm_content=3177251915&gclid=GiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCD6k0ko9sqso7rdu-or&taboolaclickid=GiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCD6k0ko9sqso7rdu-or&tblci=GiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCD6k0ko9sqso7rdu-or#tblciGiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCD6k0ko9sqso7rdu-or
Title: FAIRE PROVISION

URL: https://totalbattle.com/de/lp/city9alike2_webgl_dark_po_2/3?crt=v3PRO0085zenBFGJWO&adgp=ads&prtr=taboola&acc=main&site=editoraglobo-oglobo&cpn=1385591&iid=3134564510&clickid=GiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCCakUMorqnC_979tr11#tblciGiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCCakUMorqnC_979tr11
Title: Total Battle: Online Strategie-Spiel

URL: https://trc.taboola.com/editoraglobo-oglobo/log/3/click?pi=%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&ri=f9347a709502d3e9cafa3e0405af4621&sd=v2_a8377ad2c9051daa0af1b4bf75f58848_e1c727ba-4172-498f-9d28-594ce68be2b4-tuct921945c_1646792412_1646792412_CNawjgYQlv9JGNec6OP2LyABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjb_5X0ga2ul6YBcAA&ui=e1c727ba-4172-498f-9d28-594ce68be2b4-tuct921945c&it=text&ii=~~V1~~7066242047193757088~~z4OQ4ip9y1jFG2iGifkOoga5AfqFhUYA0FoL1nuDyq7TxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RJ82Wrka8hatjkdBWgtAsTVOVwwiTTRmbeR9yJ-FWMtKVJT68Kla76zYU1DV3tD5owPZuCQS4tgqqnn8CSBZ4aNjxfAtsj75Zm6PzSBS4yNyd3WkhT22z-2tGiQiFNttdM&pt=text&li=rbox-t2v&sig=efd6885b02fb5a3eb218fbb0ebdc1a131af46a3fe3c6&redir=https%3A%2F%2Ftotalbattle.com%2Fde%2Flp%2Fcity9alike2_webgl_dark_po_2%2F3%3Fcrt%3Dv3PRO0085zenBFGJWO%26adgp%3Dads%26prtr%3Dtaboola%26acc%3Dmain%26site%3Deditoraglobo-oglobo%26cpn%3D1385591%26iid%3D3134564510%26clickid%3DGiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCCakUMorqnC_979tr11%23tblciGiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCCakUMorqnC_979tr11&vi=1646792412759&p=scorewarrior-totalbattle-sc&r=79&lti=deflated&ppb=CH4&cpb=EhIyMDIyMDMwOC02LVJFTEVBU0UYlpjV0wYg8Pw6KhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE4NziAttbOC0Cb4wlIgooQUNzK2QNYpewQYwjQ__________8BEND__________wEYMGRjCNcWENUfGCNkYwj5__________8BEPn__________wEYB2RjCJYUEJscGBhkYwjSAxDgBhgIZGMI9BQQnh0YH2RjCNH__________wEQ0f__________ARgvZHgBgAECiAHt66fGAZABHA&cta=true
Title: Jetzt spielen

URL: https://tnbbev.de/lancms/index.php/muessen-wir-sterben?utm_source=taboola&utm_medium=referral&tblci=GiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCDCnkwo8PuOiYrlvMDDAQ#tblciGiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCDCnkwo8PuOiYrlvMDDAQ
Title: Tier und Naturschutzbund Berlin-Brandenburg e.V.

URL: https://www.offthestuff.com/4aca8be2-ed65-46be-b0f4-06c1a97d03c6?site=editoraglobo-oglobo&site_id=1212310&title=Rothenburg+Ob+Der+Tauber%3A+Das+ist+der+beste+Treppenlift+f%C3%BCr+Senioren&platform=Desktop&campaign_id=12020449&campaign_item_id=3023358765&thumbnail=https%3A%2F%2Fnative-images.s3.amazonaws.com%2F3676701ea685f02b87a6520f6c6b2a2c.jpeg&site_domain=blogs.oglobo.globo.com&click_id=GiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCCF8VQo1rS4vaKnjK2eAQ#tblciGiA6S2mgYnOSNgxjv8K9C167GjSBnH9hyyOGnYlEkXZCQCCF8VQo1rS4vaKnjK2eAQ
Title: Treppenlifte | Gesponserte Links

URL: https://privacidade.globo.com/privacy-policy/
Title: Política de Privacidade

URL: https://privacidade.globo.com/
Title: Portal da Privacidade

URL: http://www.gda.com/
Title: Logo GDA

URL: http://www.agenciaoglobo.com.br/
Title: Agência O Globo

URL: https://oglobo.globo.com/fale-conosco/
Title: Fale conosco

URL: https://oglobo.globo.com/expediente/
Title: Expediente

URL: https://www.publicidadeeditoraglobo.com.br/
Title: Anuncie conosco

URL: https://www.vagas.com.br/editoraglobo
Title: Trabalhe conosco

URL: https://www.globo.com/privacidade.html
Title: Política de privacidade

URL: https://oglobo.globo.com/termos-de-uso/
Title: Termos de uso

URL: https://ofertasglobo.oglobo.globo.com/garc/landing_oglobo/consumidor22/index.html?campanha=sim&interno_origem=siteoglobo&interno_midia=display&interno_campanha=og_footer_semcookie_cnsmdr

186-192-81-15.prt.globo.com

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.assinanteoglobo.com.br/?qs=fac62467e24810192fa24c25cbaadf7768ffae9e5310150a01a143606c9322f3ec56396eac1aba1d3f6284ed2c5e5f7be85a6f278884d9aa HTTP 302
https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://open.spotify.com/embed/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator HTTP 302
https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator

Request Chain 79

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 125

https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 126

https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1646792411487&ns_c=UTF-8&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1646792411487&ns_c=UTF-8&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9=

Request Chain 177

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3ROUE1lOEE HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEFiirjbpOyN8-vkgn2UULKw&google_cver=1

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3ROUE1lOEE HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEFiirjbpOyN8-vkgn2UULKw&google_cver=1

Request Chain 179

https://stags.bluekai.com/site/26357?id=OtNPMe8A&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOtNPMe8A%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?_kuid=OtNPMe8A&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 180

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=L0O1eYfJg5wbIZtUsBV_ZWKSWrpFpXFx

Request Chain 182

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OtNPMe8A&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OtNPMe8A&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=68633144333642168481490765560131111092

Request Chain 183

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID HTTP 302
https://beacon.krxd.net/usermatch.gif?adnxs_uid=5833811598947816649

Request Chain 184

https://ib.adnxs.com/mapuid?member_id=1780&user=OtNPMe8A HTTP 307
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOtNPMe8A

Request Chain 187

https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OtNPMe8A&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID

Request Chain 188

https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OtNPMe8A HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-WN6nWiRE2pugl1MJjNRjNkJMqsc8SQ6DOA--~A

Request Chain 189

https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
https://sync.navdmp.com/sync?prtid=30&salid=OtNPMe8A

Request Chain 190

https://sync.1rx.io/usersync/krux/OtNPMe8A?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/krux/OtNPMe8A?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1646792412011 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-68dc7f51-64b6-4e77-a66d-bdeec0306d95-003?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3DRX-68dc7f51-64b6-4e77-a66d-bdeec0306d95-003 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-68dc7f51-64b6-4e77-a66d-bdeec0306d95-003

Request Chain 375

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw7Ee4fGVK8C5wnHw7P59Q&google_cver=1

Request Chain 376

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YigO3fSqZsgIJ39y1-exAwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw7Ee4fGVK8C5wnHw7P59Q&google_cver=1

Request Chain 377

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFrKzha8OOT5-NeBWPFd9x0&google_cver=1

Request Chain 378

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIzODQzNDQxNjYyNjY0NjM5OQ%3D%3D

Request Chain 411

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=73ff3558-9f4f-11ec-b55d-1ef5e1e50406 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&

Request Chain 415

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=73ff2c25-9f4f-11ec-b17d-1a7ccaea0406 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&

Request Chain 417

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XJU3n4BE2uE00MPcRciZ9bHSYk3b5zZSq5SUkQo-~A

Request Chain 424

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=73ff693b-9f4f-11ec-9979-1a377c5d0206 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&

Request Chain 426

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XJU3n4BE2uE00MPcRciZ9bHSYk3b5zZSq5SUkQo-~A

Request Chain 429

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=73ff6a4b-9f4f-11ec-97a3-18c6427b0406 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&

Request Chain 433

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine___330033534&atb_dpuid=di_&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 438

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEF3rBqSXtzKCXzzwaoz_2is&google_cver=1&google_push=AYg5qPI4U75Tf-EY1UBRQDAAKqSylP9-W9BoRzq8uh4FkiNFBf7PdQ4ydxGjae3nysFB7zubkAWtDoB8hpDOjtPPvO3qnbExwDW9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI4U75Tf-EY1UBRQDAAKqSylP9-W9BoRzq8uh4FkiNFBf7PdQ4ydxGjae3nysFB7zubkAWtDoB8hpDOjtPPvO3qnbExwDW9

Request Chain 441

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOR7QAop1q3zc-KBZPJ_ORQ&google_cver=1&google_push=AYg5qPImAuvgA5nB8HG9Y1bmMQb0pc9VCOMQyQriR-IMlAxsNIyjUBk7PI06bqNv4hlVhiyxB3UDHesgVeW4ZfiQtwiA_rcuyWA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZwEJQRb0Rh6zEu9gITRJTA2&google_push=AYg5qPImAuvgA5nB8HG9Y1bmMQb0pc9VCOMQyQriR-IMlAxsNIyjUBk7PI06bqNv4hlVhiyxB3UDHesgVeW4ZfiQtwiA_rcuyWA

Request Chain 442

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEARxa-pggEzcOJT-jDTz8B8&google_cver=1&google_push=AYg5qPLldaz80L9SUQ8GMM0f7w_d68bCw8QI4MX22HfLLc1mQD01Hbk5Wf4B1YQCQnYbpogSvEV3Bc-GrcF5TyUJidmZC9ypdqCJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLldaz80L9SUQ8GMM0f7w_d68bCw8QI4MX22HfLLc1mQD01Hbk5Wf4B1YQCQnYbpogSvEV3Bc-GrcF5TyUJidmZC9ypdqCJ&google_hm=MTUyOTYzNTE5MDQzOTc3ODEzMQ%3D%3D

Request Chain 443

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELOjYgtoXkf-ohS1YX9pAcE&google_cver=1&google_push=AYg5qPKWLq36LcmqFbGYVNER5bFHG26cyESAJSFRKg2XaF0j7D-A9vaurHmV4r_WOqiHKfIFvDxkccKItXoqXmf_Vo4R292fSURgGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jS29TUlFwRTJ1RW1kcWRfQzYwck9KZ1VtcmFCNVppRH5B&google_push=AYg5qPKWLq36LcmqFbGYVNER5bFHG26cyESAJSFRKg2XaF0j7D-A9vaurHmV4r_WOqiHKfIFvDxkccKItXoqXmf_Vo4R292fSURgGQ

Request Chain 462

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 463

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 489

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 490

https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0IXOLKN-O-B0ST&sigv=1&esig=2~6708c8a928d1f96cc56fc8bf612318db4d8783e2&gdpr=1&us_privacy=1---

Request Chain 491

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/420YqyRJHaZ0DxKsiGbLiw?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1529635190439778131

Request Chain 493

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEDElwYfX3WcXssDsjmQKRsw&google_cver=1

Request Chain 494

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0IXOLKN-O-B0ST&gdpr=1&us_privacy=1---

Request Chain 496

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjkxMjk0OWI1OWEyOWViNDhiZWFmNWQ4NTEyODJkMjhmM2JmZTQxNw&gdpr=1&us_privacy=1---

Request Chain 541

https://gum.criteo.com/sid/json?origin=publishertag&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=blogs.oglobo.globo.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=_3V6GXxGcmF5Y3Q1Y0dTc2FPNmxadldUQWFUOEwvVFRzZi9FSWU3WmFmc2daMHZQNDdHQlVCa3RncnBYQ25EODVpSmRDdm1kT2hjaVltNWxGYlNWdzlPUWI2Mk15Z3FCOThvRXFoN3pINmQ3Z243NmpCQUZmM1dvbFhOUkpqNU15OWJhaWJtWVRNK1pSRUFPb2JRaEcwekNwZ1czWURkcDl5bDdKVTlKYXFRdE1GVE1pNkFTeTlYRWk3UXZ4ZG1sTzhVK2RvWnE1Qy96QTNYTjhyUW1iQnZsZXhxVXQvVDM0d2hEa2FtVWt3YSt0S1dvdXNtVE1kc0U4WTBXM0IxcCtlUm4wZ0NFTHA2b0tFSHAvU3lFazB3WUFwdz09fA&cppv=2

Request Chain 566

https://c1.adform.net/serving/cookie/match?party=14&cid=E032207E-5E6C-4E5C-9954-35CCBBC5C47A HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E032207E-5E6C-4E5C-9954-35CCBBC5C47A

Request Chain 567

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:318f6228-0edd-4500-bdc3-1a5e550d1795&gdpr=0&gdpr_consent=

Request Chain 568

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=108955719836841341

Request Chain 569

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 570

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7072919574320838799

Request Chain 571

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4DIgfl5sTlyZVDXMu8XEeg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 572

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=318f6228-0edd-4500-bdc3-1a5e550d1795

Request Chain 573

https://pixel.onaudience.com/?partner=214&mapped=E032207E-5E6C-4E5C-9954-35CCBBC5C47A HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=3c4c591a-b469-471a-a447-023f2c1a1f0d&icm HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=cba8e081baf6d3cd8763978b4acc6a21&gdpr= HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=5f761cc1f148b6de HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ca87dcd4-5cf4-4b28-59cd-a0250bcb782d&reqId=7386597e-a262-4adc-447c-31be660b401b&zcluid=5f761cc1f148b6de&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEOn2reCC7DSOR6mCYcPLySg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ca87dcd4-5cf4-4b28-59cd-a0250bcb782d&reqId=7386597e-a262-4adc-447c-31be660b401b&zcluid=5f761cc1f148b6de&zdid=1332

Request Chain 574

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTAzMjIwN0UtNUU2Qy00RTVDLTk5NTQtMzVDQ0JCQzVDNDdB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 575

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGKj0i5nR2H0tiFObCdIk8M&google_cver=1

Request Chain 577

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8372929599688268931

Request Chain 578

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c4c591a-b469-471a-a447-023f2c1a1f0d

Request Chain 579

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8238434416626646399&gdpr=0&gdpr_consent=

Request Chain 593

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YigO5AALv6j-xABH HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YigO5AALv6j-xABH&gdpr=0&gdpr_consent=&_test=YigO5AALv6j-xABH

Request Chain 594

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4YyfHZRiSZ9jpngMPeOeqbnVm6I

Request Chain 595

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 596

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E032207E-5E6C-4E5C-9954-35CCBBC5C47A&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E032207E-5E6C-4E5C-9954-35CCBBC5C47A&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E032207E-5E6C-4E5C-9954-35CCBBC5C47A&addseg=19,36,42

Request Chain 597

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E032207E-5E6C-4E5C-9954-35CCBBC5C47A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E032207E-5E6C-4E5C-9954-35CCBBC5C47A&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 599

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E032207E-5E6C-4E5C-9954-35CCBBC5C47A HTTP 302
https://a.audrte.com/p

Request Chain 600

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Oox3JTzbIXkh2nIoPd1oKm2Kdywhjncsaooum3nq

Request Chain 602

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E032207E-5E6C-4E5C-9954-35CCBBC5C47A&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Hdll07BE2uUrW8joT.EeIcCgQ1IBHY0-~A&gdpr=0&gdpr_consent=

Request Chain 603

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=29ec9fd3-1259-425c-9494-12a242b310f5 HTTP 302
https://x.bidswitch.net/sync?dsp_id=179&user_id=e47c34bd-6142-4fe9-bcd2-bc5536bb7195&expires=5&user_group=0&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=29ec9fd3-1259-425c-9494-12a242b310f5&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 604

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4168166988272568672&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 605

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:46aa62df-0cb4-47f1-a3c3-8f0567743654&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

608 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html Show response
blogs.oglobo.globo.com/malu-gaspar/post/
Redirect Chain

http://click.assinanteoglobo.com.br/?qs=fac62467e24810192fa24c25cbaadf7768ffae9e5310150a01a143606c9322f3ec56396eac1aba1d3f6284ed2c5e5f7be85a6f278884d9aa
https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

153 KB
43 KB

708ms
244ms

Document
text/html

186.192.81.15
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.15 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

6434ee52acb8e3d22e29cc89d1de2a157330dd464a5007502d192c920b7e31b6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 09 Mar 2022 02:20:06 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, X-Forwarded-Proto, X-Mobile-Group
expires: Wed, 09 Mar 2022 02:21:06 GMT
cache-control: max-age=60
x-frame-options: SAMEORIGIN
content-encoding: gzip
age: 0
x-bip: 543167410 ra03 11 15
via: 2.0 CachOS
accept-ranges: bytes
x-request-id: bd081227-6911-4dc0-b4f0-e5026181d210
x-thanos: 0AB1D027

Redirect headers

Content-Type: text/html; charset=utf-8
Location: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
X-Cnection: close
Content-Length: 305
Expires: Wed, 09 Mar 2022 02:20:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:05 GMT
Connection: keep-alive

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
34 KB 125ms
40ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 13:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 13:27:39 GMT

GET
H2 200 api.min.js Show response
p.glbimg.com/api/stable/ 37 KB
14 KB 695ms
226ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.glbimg.com/api/stable/api.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

97b81651ac630805fe9f93b8a9481cc286ddb6240b3964a647371f01bca28641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 888687921 ra02 05 03
age: 1973
content-length: 13484
x-xss-protection: 1; mode=block
x-request-id: 971820c5-823b-4a32-97e3-c8c436431063
last-modified: Thu, 04 Nov 2021 17:23:50 GMT
x-thanos: 0AB1500D
etag: W/"61841726-9496"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:47:13 GMT

GET
H2 200 lgpd-lib.min.css
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 11 KB
2 KB 901ms
433ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.css
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2e53bbdf41db08d5017462fe9963a8ee505c7a8ff83756c5217635019a076465

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:07 GMT
content-encoding: gzip
x-openstack-request-id: txe3ca1c302eb24c3c925c5-0062279913
last-modified: Wed, 24 Feb 2021 17:18:00 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
content-type: text/css; charset=utf-8
x-timestamp: 1614187079.15655
cache-control: public, max-age=86400
x-trans-id: txe3ca1c302eb24c3c925c5-0062279913
x-request-id: 3248d1aa-e8e6-4491-82e0-5fac9925df57

GET
H2 200 lgpd-lib.min.js Show response
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 46 KB
15 KB 902ms
433ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 655e8547a0f057f68c1a3bbe78d65bcdaee6bc402814d11e3b6fc1da6e0d9dfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:07 GMT
content-encoding: gzip
x-openstack-request-id: tx984e84a003dd4c52bdea8-0062279913
last-modified: Wed, 24 Feb 2021 17:18:00 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-timestamp: 1614187079.14110
cache-control: public, max-age=86400
x-trans-id: tx984e84a003dd4c52bdea8-0062279913
x-request-id: ed3674f2-3581-4b37-a710-2173afcf5712

GET
H/1.1 200
OK tiny.js Show response
static.infoglobo.com.br/paywall/js/ 211 KB
44 KB 1101ms
229ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 87f4764f17ad0c8412030149ce610a59676a61a96ca5144e907f85ad688b19a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:50:50 GMT
Content-Encoding: gzip
Age: 1760
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 44284
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a06565f4-34af2-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 8847

GET
H2 200 contadorDeAcessos.js Show response
i.glbimg.com/og/ig/infoglobo1/static/_js/paywall/ 9 KB
3 KB 740ms
227ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/_js/paywall/contadorDeAcessos.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

38940e363338f26853ceffa226701e8d5384881d5d87c6592571eae5c7a70c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 574215321 ra03 11 06
age: 48
content-length: 2473
x-xss-protection: 1; mode=block
x-request-id: 7ff6634b-8520-4cf9-8be8-dfdd91743f20
last-modified: Tue, 08 Mar 2022 13:37:14 GMT
x-thanos: 0AB1D011
etag: W/"62275c0a-244a"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:18 GMT

GET
H2 200 jquery.cookie.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.3.0/ 2 KB
2 KB 50ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.3.0/jquery.cookie.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0457619e889bb98d0956ad96f21be1ca143f509d9110a91ed9f6ecf5f6eff71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 259475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 790
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-83e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ai1hqXc0QvK9DnZV8a2vCrf%2ByLnUXeiwjmwpt8SpRmRxyw4v6%2BOClNBEp0ZidMq3qx%2BUuE9TWtjn6zNwZzabskg%2FPUul56fdWr2HpnmPJ7uIWAy98qM9L9i%2Bj1G3Bc69fVaWV0IQhl%2F4KGJIu5irI2XB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e90545ddf269060-FRA
expires: Mon, 27 Feb 2023 02:20:06 GMT

GET
H2 200 gtm_utils.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/js/ 3 KB
2 KB 740ms
228ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/js/gtm_utils.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

d6179b15e275f1930d1c77b0ec2dbdeda42aeeb0e17eda9b1ee044f903a3c7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 861867808 ra03 11 06
age: 48
content-length: 1207
x-xss-protection: 1; mode=block
x-request-id: c190076a-6da0-4f65-a455-f461e77066bb
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB1D011
etag: W/"62275c0b-d3f"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:19 GMT

GET
H/1.1 200
OK oglobo-header.css
oglobo.globo.com/styles/ 21 KB
5 KB 924ms
228ms Stylesheet
text/css 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/styles/oglobo-header.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

38361b977916afb5f09c1f2157db6c842f5db6d306d5e40284c5caa6ce6094fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 16:29:03 GMT
Content-Encoding: gzip
Age: 1763464
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 4046
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 13 Jan 2022 13:12:52 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a044b019-52ce-5d5767194fd00"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 227071

GET
H/1.1 200
OK oglobo-header.js Show response
oglobo.globo.com/1/scripts/ 4 KB
2 KB 230ms
229ms Script
text/javascript 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/1/scripts/oglobo-header.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

f3355d125a40e2768830335c83f9291cd2295b30024933c846dd4f6ffc696503

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 16:29:12 GMT
Content-Encoding: gzip
Age: 1763456
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 1163
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 13 Jan 2022 13:11:12 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a03ce447-fa4-5d5766b9f1c00-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 121183

GET
H2 200 advertising.js Show response
i.glbimg.com/og/ig/infoglobo1/static/_js/ 3 KB
1 KB 227ms
225ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/_js/advertising.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

83af4fd59e9a2f531978f17f7b434836faa02c757f1f4fd5b3aff2c15a639695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 929777029 ra03 11 06
age: 49
content-length: 905
x-xss-protection: 1; mode=block
x-request-id: be8bef3a-477d-4632-ace7-304aa2604a3d
last-modified: Tue, 08 Mar 2022 13:37:14 GMT
x-thanos: 0AB1D011
etag: W/"62275c0a-acd"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:20 GMT

GET
H2 200 a.jpg
s2.glbimg.com/GokOpUWTEB4VNkn78ulDsjnTNkE=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2020/09/25/ 12 KB
12 KB 1095ms
452ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/GokOpUWTEB4VNkn78ulDsjnTNkE=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2020/09/25/a.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: af1b9ba5837527e5eba58c0f7b2b294bc0f2eb632048b2d4a8c552d39f8299d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
via: 2.0 CachOS
x-bip: 285347386 ra09 20 03
age: 31357
etag: "8c64c47d33f995949b27efe99ab93ebad0248f0a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 12174
x-request-id: ea3d7e87-6fae-4bf4-8b20-3b9a9baa34f3
expires: Thu, 07 Apr 2022 17:37:12 GMT

GET
H2 200 whatsapp_image_2022-03-03_at_13.10.08.jpeg
s2.glbimg.com/wYJIFM6039s_PJAoxLcy33h6rtk=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/03/ 16 KB
17 KB 867ms
225ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/wYJIFM6039s_PJAoxLcy33h6rtk=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/03/whatsapp_image_2022-03-03_at_13.10.08.jpeg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 7ef8ca5746a1afaef186269e7615b4b7873e12e44c5afe7b23a35703501ebb3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
via: 2.0 CachOS
x-bip: 136723412 ra09 20 03
age: 53446
etag: "3e710b08caa0800ac0249650576d625f0090b9ac"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 16564
x-request-id: 50cae41c-05a2-4729-902d-400eec1d3bd1
expires: Thu, 07 Apr 2022 11:29:23 GMT

GET
H2 200 comment-widget.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/comment-widget/ 231 KB
85 KB 230ms
228ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/comment-widget/comment-widget.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 9e01b976b7f5816aa7b3c8fed296556636ff49db3550debb7d96b4d9576f45a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:09 GMT
content-encoding: gzip
x-openstack-request-id: txf1fc2dd6c0534056a519f-0061eee816
last-modified: Wed, 09 Sep 2020 12:15:32 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1599653112.000000
x-timestamp: 1599653731.08521
cache-control: public, max-age=7776000
content-type: application/javascript
x-trans-id: txf1fc2dd6c0534056a519f-0061eee816
x-request-id: d1301c06-6cad-4b2b-96c7-e9f132f3d897

GET
H2 200 read-too.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 2 KB
1 KB 249ms
249ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/read-too.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

18765da68fc25d0a5b50b9983466d6ad6e5f87d49865337bb8b241820e68f2cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 859003627 ra03 11 06
age: 0
content-length: 715
x-xss-protection: 1; mode=block
x-request-id: 22cd632b-87de-421c-b255-9e356cc4c32d
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-764"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:25:07 GMT

GET
H2 200 carousel-oglobo.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 8 KB
3 KB 227ms
225ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/carousel-oglobo.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

965f794992207e65a370768510a64b8d387a590c12cbe0f893452440e863b45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 734846367 ra03 11 06
age: 45
content-length: 2604
x-xss-protection: 1; mode=block
x-request-id: 3ab01f56-7ee3-4b63-b8da-8bf9aaf3dbe2
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-20c9"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:24 GMT

GET
H/1.1 200
OK oglobo-footer.js Show response
oglobo.globo.com/1/scripts/ 3 KB
2 KB 459ms
229ms Script
text/javascript 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/1/scripts/oglobo-footer.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

1bdd1864731bd92a02ecef0e293d581de9422838338d659c591d74814ecb21f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Feb 2022 13:23:49 GMT
Content-Encoding: gzip
Age: 1688180
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 845
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 16:42:44 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a051deba-a3e-5d7fd1b0ba900-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 118671

GET
H2 200 iframe_wrapper.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/js/ 615 B
699 B 242ms
242ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/js/iframe_wrapper.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

83d5ada38cfff8645213b90228afa64c0cb7f47c57b144ed1c8e28e9f204c3ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 848219914 ra03 11 06
age: 42
content-length: 287
x-xss-protection: 1; mode=block
x-request-id: d351f69f-1b14-4069-a694-fd01fb091fdb
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB1D011
etag: W/"62275c0b-267"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:25 GMT

GET
H2 200 widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 30ms
6ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:08 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 18:46:17 GMT
etag: "f7f936f48944db7f829585c4368f33ae+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=1800
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 29178
tw-cdn: FT
x-served-by: cache-iad-kiad7000098-IAD, cache-hhn11550-HHN

GET
H2 200 froogaloop2.min.js Show response
i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/ 2 KB
1 KB 226ms
226ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/froogaloop2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

be8b51ffb37d864a2ba662d9de815277a243daac644b4f911cb648908c356a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 854097615 ra03 11 06
age: 42
content-length: 748
x-xss-protection: 1; mode=block
x-request-id: 1ba5c091-e9c2-4c0f-b9ab-135fa6ad7af7
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB1D011
etag: W/"62275c0b-605"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:25 GMT

GET
H2 200 glbVideosBox.js Show response
i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/ 12 KB
5 KB 230ms
230ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/glbVideosBox.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

8b82fda809fc2f47f3da083ded89972d3f87f4f81002327d56a0de29c7033b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 752262037 ra03 11 06
age: 42
content-length: 4233
x-xss-protection: 1; mode=block
x-request-id: e1eb0e23-0efd-4059-96cd-6abc24087922
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB1D011
etag: W/"62275c0b-3032"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:25 GMT

GET
H2 200 glbVideosBox.css
i.glbimg.com/og/ig/infoglobo1/static/widgets/css/box_videos/ 3 KB
2 KB 242ms
242ms Stylesheet
text/css 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/css/box_videos/glbVideosBox.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

4ad22ce680fcf13523048c47590c38aaf156a6b12c4c067fdec0423da551eb8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 859003636 ra03 11 06
age: 42
content-length: 1150
x-xss-protection: 1; mode=block
x-request-id: 0bc3b9c6-f247-4add-9695-ade8dfa1645c
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB1D011
etag: W/"62275c0b-db9"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:25 GMT

GET
H2 200 instafeed.min.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 6 KB
3 KB 243ms
243ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/instafeed.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

6565dcce8b48f2d1b28e6a0c3c8e774430eb648873c29fd7e6169cb8fabc1697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 859003637 ra03 11 06
age: 42
content-length: 2255
x-xss-protection: 1; mode=block
x-request-id: e7ab4178-752a-4f8b-81ed-44ceb670e1ec
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-1843"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:25 GMT

GET
H2 200 modernizr.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 11 KB
5 KB 231ms
230ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/modernizr.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

daf4e71749c1a66c6dbf7fcbf3e0f58154b212aaf499dbf290f740a57f1c5f8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 218222431 ra03 11 06
age: 42
content-length: 4982
x-xss-protection: 1; mode=block
x-request-id: 7822b15b-b54b-4cc0-bcd6-52e1a81a7aeb
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-2bfc"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:26 GMT

GET
H2 200 scripts.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 7 KB
3 KB 231ms
231ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/scripts.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

bb86167c7e059811c8d81abab96888c31270725e6c853d8627707aad79a477da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 706215887 ra03 11 06
age: 42
content-length: 2438
x-xss-protection: 1; mode=block
x-request-id: b39267ad-c59e-4d50-9e5b-4275ee3c57af
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-1ce8"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:26 GMT

GET
H2 200 advertising.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 3 KB
1 KB 227ms
226ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/advertising.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

6904824ca3d73b24a9f42562d3ffc0c5c5b5215f7070f07a46de38f4bde7a431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 734846368 ra03 11 06
age: 43
content-length: 1086
x-xss-protection: 1; mode=block
x-request-id: e2901a68-1a47-4d9a-9c3c-d8f6289feea5
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-bcb"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:26 GMT

GET
H2 200 lazyload-pics.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 1 KB
997 B 227ms
226ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/lazyload-pics.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

2855bde15b744f89d54f309df7cdeb9623e612a0b6c3ad1d4f4871bf800b62b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 929777030 ra03 11 06
age: 43
content-length: 585
x-xss-protection: 1; mode=block
x-request-id: 487f46c4-c42d-49df-9687-16e66cd4ea4a
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-5d3"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:26 GMT

GET
H2 200 popup-menu.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 1 KB
756 B 243ms
243ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/popup-menu.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

a7238920c10d0793c6ae08536b413cab8ed0a38e67e5b37e136b9cfaf3f98ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 751772276 ra03 11 06
age: 42
content-length: 344
x-xss-protection: 1; mode=block
x-request-id: 0d14bfba-9f86-4565-b263-e1df94e6e798
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-407"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:26 GMT

GET
H2 200 social-share.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 2 KB
1 KB 243ms
243ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/social-share.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

4cc032573bae338501e8313c028ce05b979c93b2370d3bdbf3a35eb59eb6c9b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1073614628 ra03 11 06
age: 42
content-length: 676
x-xss-protection: 1; mode=block
x-request-id: 1f76d39d-eb00-4b09-88e1-8b90e031001a
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-78f"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:26 GMT

GET
H2 200 clipboard-email.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 1 KB
1012 B 231ms
231ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/clipboard-email.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

cc89a2874cb232f34cec4cbe24fcb9ec4d046edecf739cbd448d23958217cb7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 752262062 ra03 11 06
age: 42
content-length: 600
x-xss-protection: 1; mode=block
x-request-id: 03cd4eab-768a-4e29-99e9-eef71995204d
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-572"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:26 GMT

GET
H2 200 header-more-than-10.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 309 B
621 B 226ms
224ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/header-more-than-10.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

6b14236bbf1fa5f3b3c4ad5fc7709e1f220e8355886a60a6b5908fa90254bbf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 929777028 ra03 11 06
age: 43
content-length: 209
x-xss-protection: 1; mode=block
x-request-id: 94dc5b90-5801-4eb6-8e0a-9b9aede31ec7
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-135"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:26 GMT

GET
H2 200 settings.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/ 3 KB
2 KB 491ms
490ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 61577749b4423c492bfe2f3bfff475e3397fb3738794c289f783be6b03457194

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:09 GMT
content-encoding: gzip
x-openstack-request-id: tx4a11ee2dd23842579e498-0062280e30
last-modified: Fri, 04 Mar 2022 16:44:48 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1646412287.20375
cache-control: public, max-age=180
x-trans-id: tx4a11ee2dd23842579e498-0062280e30
x-request-id: f6c763af-b21a-4562-b5bc-49a5f48450be

GET
H2 200 sticky-fullbanner.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/js/ 6 KB
2 KB 226ms
225ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/js/sticky-fullbanner.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

3fa98539b048ed8be50c16179bf796ec57cbc7721fee317bdb21e8519a157487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 858092196 ra03 11 06
age: 31
content-length: 2133
x-xss-protection: 1; mode=block
x-request-id: ba070a60-82f2-4120-b5d9-c1c31eb08eed
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB1D011
etag: W/"62275c0b-17a3"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:36 GMT

GET
H2 200 cycle2.min.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 23 KB
8 KB 242ms
242ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/cycle2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

f442b7ee7eddcc4dbea9173e4286180f880016a912175834a7904c6b9fb66d42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 848219915 ra03 11 06
age: 31
content-length: 8155
x-xss-protection: 1; mode=block
x-request-id: 00e55714-bca9-45d5-9877-6dada6c2eb41
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-5a0a"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:36 GMT

GET
H2 200 cycle2.swipe.min.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 1 KB
954 B 231ms
231ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/cycle2.swipe.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

98a154949f988eb6ba60269500c8a4557b47d0f52a4f45cc5c82eaa04ca0945a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 752262038 ra03 11 06
age: 31
content-length: 542
x-xss-protection: 1; mode=block
x-request-id: 3090c871-511a-4b40-8ce0-8fa46c150546
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-4fd"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:36 GMT

GET
H2 200 detect-private-browsing.js Show response
i.glbimg.com/og/ig/infoglobo1/static/_js/ 3 KB
1 KB 243ms
243ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/_js/detect-private-browsing.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

820cd1061ff66e21080de6746083e199cddb639b2070f7713b95f7aa8ea43c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 859003638 ra03 11 06
age: 32
content-length: 846
x-xss-protection: 1; mode=block
x-request-id: 10a9f91d-1e50-4c67-9f0b-fe0c03ba07b9
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB1D011
etag: W/"62275c0b-a1b"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:36 GMT

GET
H2 200 auto-resize-media.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 1 KB
985 B 231ms
231ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/auto-resize-media.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

2a0b922d729ee8d6c57e9a1ca8edec7f0da91610c3be49e045f3e19b51e74f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 706215888 ra03 11 06
age: 32
content-length: 573
x-xss-protection: 1; mode=block
x-request-id: 47baa74c-6a48-45e5-89b1-2a607a379dbb
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-4f3"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:36 GMT

GET
H2 200 barra-globocom.min.css
barra.globo.com/gl/ba/oidcprodutos/css/ 22 KB
5 KB 711ms
226ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

d1de187546e564a61ba6a5a86a44a6212ebac1e93e0e5e6980e1d300bdeba36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 666709181 ra09 20 05
age: 465695
content-length: 5096
x-xss-protection: 1; mode=block
x-request-id: f564314e-b387-4433-92e9-5783351ee9c1
last-modified: Thu, 03 Mar 2022 15:23:31 GMT
x-thanos: 0AB4D005
etag: W/"6220dd73-588f"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 10 Mar 2022 16:58:33 GMT

GET
H/1.1 200
OK advertisement.js Show response
ogjs.infoglobo.com.br/1462389483/js/ 54 B
493 B 924ms
228ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/1462389483/js/advertisement.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

aad4dd2e4a2cad3ffc9de8feca664b6ab4712fe65746c912191c2cb544b35b49

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 16:28:29 GMT
Age: 1763499
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 54
Last-Modified: Thu, 13 Jan 2022 13:11:12 GMT
Server: Apache
ETag: "a05b6a27-36-5d5766b9f1c00"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 596741

GET
H2 200 home.css
i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/ 49 KB
11 KB 448ms
448ms Stylesheet
text/css 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

3bbf6a0a03aa7b5c5fa5d4db224503f9578dafa7de54b0682f650c1b2e0aa129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 245580909 ra03 11 06
age: 33
content-length: 10494
x-xss-protection: 1; mode=block
x-request-id: 608ced9b-091e-4dec-861b-3e17850330d3
last-modified: Tue, 08 Mar 2022 13:37:17 GMT
x-thanos: 0AB1D011
etag: W/"62275c0d-c3ae"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:36 GMT

GET
H2 200 mais-blogs.css
i.glbimg.com/og/ig/infoglobo1/static/widgets/css/ 580 B
678 B 239ms
238ms Stylesheet
text/css 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/css/mais-blogs.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

239.230.215.35.bc.googleusercontent.com

Software

Resource Hash

c4ba9c3b4b570311f0aa547c37d279e5b2aa456cba0721f0b6456ec38d61b3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 858092233 ra03 11 06
age: 226
content-length: 276
x-xss-protection: 1; mode=block
x-request-id: 52844166-f791-41f4-9ceb-fd66b577644e
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB1D011
etag: W/"62275c0b-244"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:21:23 GMT

GET
H2 200 selected-alternatives Show response
globo-ab.globo.com/v2/ 327 B
857 B 801ms
276ms Fetch
application/json 35.215.230.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://globo-ab.globo.com/v2/selected-alternatives?experiments=player-isolated-experiment-02&skipImpressions=true

Requested by

Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.215.230.239 São Paulo, Brazil, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ea486f66014277c19812a374312c5aba45b759eb83f9d4f406bdcd210be96c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=300; includeSubDomains
trace-id: fd6274550ff0520d
access-control-allow-headers: user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID

GET
H2 200 mais-blogs.js Show response
i.glbimg.com/og/ig/infoglobo1/static/widgets/js/redesign2019/ 2 KB
1 KB 229ms
229ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/redesign2019/mais-blogs.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

a56a3653f34e27cf4fa8dbe6d066fd075f7285a756440c18237972e0bc6f7695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 863737424 ra03 11 06
age: 169
content-length: 766
x-xss-protection: 1; mode=block
x-request-id: 5bf7bd4e-1ee3-4e46-b4d4-1f0201e7cc6f
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB1D011
etag: W/"62275c0b-757"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:22:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
74 KB 142ms
56ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55NG4R

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94a95ff3986cde19c22cfd1651ad5bbf615d61ddc4adb7375a934ed1ad05be42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75594
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 00:22:23 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Mar 2022 02:20:10 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/ 131 KB
28 KB 28ms
12ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4dd4c70ae62d71f14dc1176521ccdb5a90f6d52727afef664975f0c570187d0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
last-modified: Fri, 04 Mar 2022 15:04:42 GMT
server: AkamaiNetStorage
etag: "90cad5caab2071f870ac9f0d994d5049:1646406282.757994"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 28120
expires: Wed, 09 Mar 2022 02:25:10 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6d6d510558562726d61195dbea3c191a63c19cc3108fe15cf85eda55c3a903a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: NfxZCx08CIoDIFlYpxIonw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 09 Mar 2022 02:31:28 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: zh1j2ZxkkBSjuia37Q6cxwRfq4FuuP5CiJ9acddDX/P4SAMcqtjL+GgHOzpW5A5etmSKUEvyH3vGMwPErB4j1Q==
x-fb-trip-id: 917726464
x-fb-content-md5: af8fdccedc5520405f0cd30e7183f4de
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 09 Mar 2022 02:20:10 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "7327a561fe929a370738feb4ec8dc83b"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK header.html Show response
oglobo.globo.com/ 91 KB
33 KB 915ms
228ms XHR
text/html 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/header.html?cache=true

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/1/scripts/oglobo-header.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

05af8881e716fb64dc6a8f0e821a91492a53f451133b46e3835829f77d409385

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:02:22 GMT
Content-Encoding: gzip
Age: 1068
grace: none
X-Cache: HIT
X-Cache-Hits: 143
Strict-Transport-Security: max-age=15768000
Content-Length: 33305
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
cache-control: public, max-age=14400
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Wed, 09 Mar 2022 02:04:23 GMT

GET
H2 200 close.png
i.glbimg.com/og/ig/infoglobo1/static/blog/_img/ 1 KB
1 KB 227ms
226ms Image
image/png 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_img/close.png

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

46b5e251620a83a6e7b8bd777226f41f87f41cab1b11291db3d872cd93d78ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 735671741 ra03 11 06
age: 31
content-length: 1036
x-xss-protection: 1; mode=block
x-request-id: 1c6c387a-827f-411e-90ab-1bd859e97b70
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: "62275c0c-40c"
vary: Origin
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:39 GMT

GET
H2 200 ico-circle.svg
i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ 781 B
889 B 227ms
226ms Image
image/svg+xml 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ico-circle.svg

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

f411ed8284b38cc0d295fffe96d3b626a09b446113253a999a30fa15bca7b525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 101981829 ra03 11 06
age: 31
content-length: 483
x-xss-protection: 1; mode=block
x-request-id: 8a9f95ed-c03a-4b17-9541-7d6c253152ff
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-30d"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:39 GMT

GET
H2 200 ico-arrow-back.svg
i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ 527 B
728 B 226ms
226ms Image
image/svg+xml 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ico-arrow-back.svg

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

a595576eeab89707bc27f276a7b81404f36575c6af9fa872533ab0856aed7f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 101981830 ra03 11 06
age: 31
content-length: 323
x-xss-protection: 1; mode=block
x-request-id: 2a3a0482-c38a-48a0-8930-432a194722c7
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-20f"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:39 GMT

GET
H2 200 WhitmanDisplayCond-Bold.OTF
i.glbimg.com/og/ig/infoglobo1/static/blog/_font/redesign2019/ 79 KB
79 KB 684ms
232ms Font
application/x-font-otf 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_font/redesign2019/WhitmanDisplayCond-Bold.OTF

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

f0d956a19224d2a65308e4643a6a96418fe8e1bf93e563fc59c0a9ed9b2945c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
Origin: https://blogs.oglobo.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 187433453 ra03 11 16
age: 26
content-length: 80404
x-xss-protection: 1; mode=block
x-request-id: 8869fe5b-a62c-4bb7-8e42-1d92c486f412
last-modified: Tue, 08 Mar 2022 13:37:17 GMT
x-thanos: 0AB1D028
etag: "62275c0d-13a14"
vary: Origin
content-type: application/x-font-otf
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:24:44 GMT

GET
H2 200 malu-gaspar.png
i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 38 KB
38 KB 236ms
235ms Image
image/png 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/malu-gaspar.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-15.prt.globo.com

Software

Resource Hash

62537d1d83fc70d91a66df6aa2869035e1deb77a0dca3d2bfd507b8c19afcec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 613394190 ra03 11 06
age: 0
content-length: 38549
x-xss-protection: 1; mode=block
x-request-id: 4dc71528-d2b3-42b6-93c4-e6fc869484c8
last-modified: Wed, 17 Feb 2021 18:49:10 GMT
x-thanos: 0AB1D011
etag: "602d6526-9695"
vary: Origin
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:25:10 GMT

GET
H2

200

3PtJkj856nwoi79q6txIQA Show response
open.spotify.com/embed-podcast/episode/ Frame 1C08
Redirect Chain

https://open.spotify.com/embed/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator

37 KB
10 KB

139ms
139ms

Document
text/html

2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

54791e2f4e190b3292035a37fca1a66417c79b8e6c45bf8211ed55fe06cb2814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
spotify-request-id: d81b44f4-c2d4-4607-8384-acf4940ca4ec
content-encoding: br
x-join-the-band: https://www.spotify.com/jobs/
sp-trace-id: afaea855a5c8f092
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

Redirect headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-type: text/html
location: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
x-join-the-band: https://www.spotify.com/jobs/
sp-trace-id: 8cd8a7abf0566c26
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 200 ultimos-posts.json Show response
blogs.oglobo.globo.com/malu-gaspar/ 3 KB
1 KB 236ms
235ms Fetch
application/json 186.192.81.15
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.oglobo.globo.com/malu-gaspar/ultimos-posts.json

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/read-too.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.15 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

b679c78a80fb5f69e0d26dcd8e3e7a51ab9f4c8a26c134584760f5e2737b02e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
x-bip: 960768169 ra03 11 15
age: 0
content-length: 1098
x-request-id: 8bccf1f9-dcc2-4ffb-be69-a994b4ad0eb6
last-modified: Tue, 08 Mar 2022 20:10:31 GMT
x-thanos: 0AB1D027
x-frame-options: SAMEORIGIN
etag: W/"6227b837-a10"
vary: Accept-Encoding, X-Forwarded-Proto, X-Mobile-Group
content-type: application/json
via: 2.0 CachOS
cache-control: max-age=60
accept-ranges: bytes
expires: Wed, 09 Mar 2022 02:21:10 GMT

GET
H2 200 mais-blogs.json Show response
blogs.oglobo.globo.com/politica/ 7 KB
3 KB 227ms
227ms Fetch
application/json 186.192.81.15
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.oglobo.globo.com/politica/mais-blogs.json?callback=mais-blogs

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/redesign2019/mais-blogs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.15 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-15.prt.globo.com

Software

Resource Hash

56dca1258abe5511e3951cb482b95385daa9206fa5403842445f651fc24b6b94

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
x-bip: 479635879 ra03 11 15
age: 9
content-length: 2256
x-request-id: d6eddd8d-ca2e-4537-aa4e-2a0be61fab1b
last-modified: Wed, 09 Mar 2022 02:18:08 GMT
x-thanos: 0AB1D027
x-frame-options: SAMEORIGIN
etag: W/"62280e60-1cf5"
vary: Accept-Encoding, X-Forwarded-Proto, X-Mobile-Group
content-type: application/json
via: 2.0 CachOS
cache-control: max-age=60
accept-ranges: bytes
expires: Wed, 09 Mar 2022 02:21:01 GMT

GET
H2 200 ico-key.svg
i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ 1 KB
1 KB 373ms
373ms Image
image/svg+xml 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ico-key.svg

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

34f6d98ef7d173daed822d375453e08ce1de893b84d58b0b24a7f4ec69ccf899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 528917181 ra03 11 06
age: 139
content-length: 672
x-xss-protection: 1; mode=block
x-request-id: 5b6704aa-c020-4c61-abf4-7d3997130c01
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB1D011
etag: W/"62275c0c-46a"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:22:50 GMT

GET
H2 200 95292419_manaus_16-09-2021_estudos_cientificos_irregulares_com_a_proxalutamida_um_remedio_obscuro_de.jpg
s2.glbimg.com/BAXJfc2BuAH7nWT1Y0wEK0YBRdE=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/09/17/ 21 KB
21 KB 288ms
287ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/BAXJfc2BuAH7nWT1Y0wEK0YBRdE=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/09/17/95292419_manaus_16-09-2021_estudos_cientificos_irregulares_com_a_proxalutamida_um_remedio_obscuro_de.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 483e5dd4b1810cabf0aa1914e0f45acb5ef639d7ede33610649f0cb61a1dc9a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
via: 2.0 CachOS
x-bip: 176885629 ra09 20 03
age: 426616
etag: "ade886fe89b5a3dadae696aaf632c86327785227"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 21608
x-request-id: 2ccf59b1-df27-4ad7-a1a9-aabe95bec20e
expires: Sun, 03 Apr 2022 03:49:54 GMT

GET
H2 200 51204019502_e714d4e8bc_k.jpg
s2.glbimg.com/V7Q0GkrTmQN-pPq7Ew6ftUm42ls=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/05/27/ 28 KB
28 KB 288ms
287ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/V7Q0GkrTmQN-pPq7Ew6ftUm42ls=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/05/27/51204019502_e714d4e8bc_k.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 948573286d889fce5089f810d8a2a67330d0c515b3857a451dd4f422abae8063

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
via: 2.0 CachOS
x-bip: 176885630 ra09 20 03
age: 426616
etag: "0205030e75f5ed75f785a31b2b23aa8fbdd0b468"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 28758
x-request-id: 01a17efe-6343-424c-b143-b68ba21d995a
expires: Sun, 03 Apr 2022 03:49:54 GMT

GET
H2 200 91586851_brazilian_president_jair_bolsonaro_r_greets_brazils_attorney_general_augusto_aras_during_h.jpg
s2.glbimg.com/EpJN1glMX6VQyLjUvwXe9mJ43DY=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/05/26/ 10 KB
11 KB 516ms
516ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/EpJN1glMX6VQyLjUvwXe9mJ43DY=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/05/26/91586851_brazilian_president_jair_bolsonaro_r_greets_brazils_attorney_general_augusto_aras_during_h.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 904a77899b55ec7a2110ec4436f858e03c523b47018a0cc3771f385e7323f3bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
via: 2.0 CachOS
x-bip: 163879476 ra09 20 03
age: 426616
etag: "360b3ce191272a98493e27d395ca5ac31de81f89"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 10610
x-request-id: 362ece83-8b24-478c-9d11-34abf0b0c267
expires: Sun, 03 Apr 2022 03:49:54 GMT

GET
H2 200 barra-globocom.min.js Show response
barra.globo.com/gl/ba/oidcprodutos/js/ 46 KB
17 KB 225ms
225ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

82cd1b61b349324e102d58679583114bd5b2620347f422ad05851b825a926748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 933990320 ra09 20 05
age: 465699
content-length: 16645
x-xss-protection: 1; mode=block
x-request-id: 07827a72-b7e0-4659-bcc3-1b15e116ee74
last-modified: Thu, 03 Mar 2022 15:23:29 GMT
x-thanos: 0AB4D005
etag: W/"6220dd71-b991"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 10 Mar 2022 16:58:31 GMT

GET
H/1.1 200
OK footer.html Show response
oglobo.globo.com/ 2 KB
2 KB 925ms
228ms XHR
text/html 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/footer.html?cache=true&env=PRD

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/1/scripts/oglobo-footer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

3c47e0a59a72649f45f26c3a8bfb761ba01d8c2d73e21d2667ffbc86483bc627

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 00:19:24 GMT
Content-Encoding: gzip
Age: 7246
grace: none
X-Cache: HIT
X-Mod-Pagespeed: Powered By mod_pagespeed
Strict-Transport-Security: max-age=15768000
Content-Length: 711
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
cache-control: public, max-age=14400
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Access-Control-Allow-Origin: *
Expires: Wed, 09 Mar 2022 00:21:10 GMT
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 303

GET
H2 200 embed.js Show response
oglobo.comentarios.globo.com/assets/js/ 43 KB
13 KB 1170ms
232ms Script
application/javascript 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/assets/js/embed.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/comment-widget/comment-widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

1f093bc730be083fb98900fb68fa27e0601d6117def41701dc6060d272e468aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-trace-id: e31b9600-9aa5-11ec-a417-01de1df2238d
date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Jan 2021 17:53:02 GMT
etag: W/"3116-1774a208830"
vary: Accept-Encoding
content-language: pt-BR
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: Content-Type
content-length: 12566
x-content-type-options: nosniff

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 144ms
57ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/glbVideosBox.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb140898441e0e96c3d2d57cad7572be0ca853db01829bc80684b7e3f0fd278d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Wed, 09 Mar 2022 02:20:10 GMT

GET
H2 200 widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame C73A 319 KB
103 KB 7ms
7ms Document
text/html 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fblogs.oglobo.globo.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

last-modified: Wed, 16 Feb 2022 18:36:30 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Wed, 09 Mar 2022 02:20:10 GMT
x-served-by: cache-iad-kjyo7100032-IAD, cache-hhn11550-HHN
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 105433

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 280 KB
80 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=4c28f966a932a1e9c9b09ee309cd81cc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2dadc536c91762be67380a9eea91ad5635acec0f0c62730671a4906304604980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blogs.oglobo.globo.com/
Origin: https://blogs.oglobo.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: v9UqiRDrQ0bekPoDKbuEdQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 08 Mar 2023 23:41:46 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 81534
x-fb-rlafr: 0
x-fb-debug: raKwx+CGVRaFcghGbtqyxIVuv5PJxiD+iLbX6BDJBzOoqwwtrfYYc2taKecWXzgrbT9e8BSKX2s+LDPxCD8U6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c6fef7c47b899c08f3900fb166844f1d
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Mar 2022 02:20:10 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "02f15d70b9754e931f47e423ac683124"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 profiling.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/ 93 KB
28 KB 275ms
275ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 192d2eb7078526e7974933da14512e5f5d64902e654d1e4ee5b421abbf169a3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-openstack-request-id: tx3e75926e14d549bc8ae99-0062280e34
last-modified: Wed, 12 May 2021 17:50:53 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1620841852.71626
cache-control: public, max-age=180
x-trans-id: tx3e75926e14d549bc8ae99-0062280e34
x-request-id: c649b52c-d5b0-433a-b721-9e511acb8a0b

GET
H2 200 tm13574.js Show response
tag.navdmp.com/ 17 KB
6 KB 43ms
16ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13574.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:45:04 GMT
server: cloudflare
age: 3226
etag: W/"6137b330-4291"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6e905478397e9be8-FRA
content-type: application/javascript
expires: Wed, 09 Mar 2022 02:26:24 GMT

GET
H2 200 15688_oglobo.js Show response
ads.rubiconproject.com/prebid/ 398 KB
106 KB 30ms
7ms Script
text/javascript 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: af0b787aff69eb51047de80f7feee06dec5d4cf457a73140402e452c0704a142

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 23:41:17 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=8076
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 108254
expires: Wed, 09 Mar 2022 04:34:46 GMT

GET
H2 200 horizon-common-hit.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 41 KB
14 KB 229ms
229ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: fb4c391be2dd9e927d16789bebea68314f10f75383bc4a7b920e8addfdf3e44c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-openstack-request-id: txd623de5588674848aedb6-006227e640
last-modified: Wed, 22 Dec 2021 23:24:10 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1640215449.32111
cache-control: max-age=86400
x-trans-id: txd623de5588674848aedb6-006227e640
x-request-id: e47dd536-c2ca-43fa-8bbf-a33cffa7764f

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 233ms
227ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=201810192058

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 588009215 ra02 05 03
age: 2229
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: 3ca815b9-43e4-41f8-bcbb-ab84fd6dbe27
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0AB1500D
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:43:01 GMT

GET
H2 200 malu02.jpg
s2.glbimg.com/DNm8xgM8soeGAYnnRVYaclEVF5w=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/ 4 KB
4 KB 396ms
394ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/DNm8xgM8soeGAYnnRVYaclEVF5w=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/malu02.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 858ee298743a0f7bedc783805d245866482e2e6476bc50e217e4149109bbbb64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 2.0 CachOS
x-bip: 403375772 ra09 20 03
age: 426612
etag: "571f1825558c7a5bd9a4900a0bad7b20abeebe02"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 4000
x-request-id: 31015b19-ca9a-4e6f-bcca-4f43242067db
expires: Sun, 03 Apr 2022 03:49:58 GMT

GET
H2 200 johanns-eller.jpg
s2.glbimg.com/obiuErYqAOT8lCUItjqTQ-4wSDk=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/ 840 B
1 KB 396ms
395ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/obiuErYqAOT8lCUItjqTQ-4wSDk=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/johanns-eller.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 6695338cf8288b54d8759aa42bc33ffec4890a9437b39cd83b09b10a69424681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 2.0 CachOS
x-bip: 398411616 ra09 20 03
age: 426612
etag: "687ef7667844b847fe1f7302d143adfcc0f0216a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 840
x-request-id: b1432862-cebc-456a-8a68-58ad41fdf506
expires: Sun, 03 Apr 2022 03:49:58 GMT

GET
H2 200 mariana-carneiro.jpg
s2.glbimg.com/p3TFUF0pO71J03G9OG_l85wfYdg=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/ 746 B
1 KB 395ms
395ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/p3TFUF0pO71J03G9OG_l85wfYdg=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/mariana-carneiro.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 5e7ad57625716ecb64cc538548e77e0d0d9166af16eca0ee86385fdd54cc6410

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 2.0 CachOS
x-bip: 401196373 ra09 20 03
age: 420675
etag: "0744ba2eb1ac7ecf376f01fe2a5e7306c3e61fe5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 746
x-request-id: 6564360c-242c-42a4-863b-83f784c17165
expires: Sun, 03 Apr 2022 05:28:55 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame C73A 232 B
447 B 131ms
115ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=2781613b82b1e145646ae5648d2d7bbb97ae1400

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fblogs.oglobo.globo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 02:20:11 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 585e262ac23942da51a925f5720ddd4ff19a6598bdf2c81408e03015b8fbda51
content-length: 166

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 132ms
39ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55NG4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2718
date: Wed, 09 Mar 2022 01:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 09 Mar 2022 03:34:53 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 145ms
54ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55NG4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Mar 2022 02:20:11 GMT

GET
H2 200 ivc.js Show response
gadasource.storage.googleapis.com/ 71 KB
24 KB 159ms
41ms Script
text/plain 2a00:1450:4001:812::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gadasource.storage.googleapis.com/ivc.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:45:56 GMT
content-encoding: gzip
age: 2055
x-guploader-uploadid: ADPycdvjmvFxaaa9a6VGoSz4b1mezSDiCQbJ6ImI7O-lhMUTuHw4Pjr17J30SqpFD7x4OqM8_NCjioXR1y61EefuElI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24321
last-modified: Mon, 02 Sep 2019 19:50:51 GMT
server: UploadServer
etag: "cdaa61cbc24c48191196b45b31a7e18b"
vary: Accept-Encoding
x-goog-hash: crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
x-goog-generation: 1567453851562424
cache-control: public, max-age=3600
x-goog-stored-content-length: 24321
accept-ranges: bytes
content-type: text/plain
expires: Wed, 09 Mar 2022 02:45:56 GMT

GET
H3 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
2 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb2a32c84691cc4f718034bd0a3c62ca04ab172ab8a892b59969ad3e48ea7b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rZveOJ2tVmcDWI8EsShJQQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2169
x-fb-rlafr: 0
x-fb-debug: PcZVjgMmoOnI8zCDdK879/ww0twLqp10YInv6bwjkIhG7HUr60ZaALu9W8DCPTXC8SfJnYOAAo7aaVA+pkG1bQ==
x-fb-content-md5: b380b3a1b766aeb84730fe0092a689e7
x-frame-options: DENY
date: Wed, 09 Mar 2022 02:20:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b8af14df59f6b89cf170df77c2ac20cd"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 09 Mar 2022 02:34:22 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26291
x-xss-protection: 0
pragma: public
x-fb-debug: IXcnvBYvg3rvujoQhaGNEBBZHK7zGdCdbB/0RBIoyN0WPuc6Dfaj+/SEaVD6jpInhb78G/AwlQ0EugPF1htFig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 09 Mar 2022 02:20:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

14 KB
6 KB

41ms
6ms

Script
application/javascript

199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:44:37 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100125-IAD, cache-hhn11540-HHN

Redirect headers

date: Wed, 09 Mar 2022 02:20:10 GMT
vary
x-cache: HIT
location: https://static.ads-twitter.com/oct.js
retry-after: 0
accept-ranges: bytes
content-length: 0
tw-cdn: FT
x-served-by: cache-hhn11550-HHN

GET
H2 200 2v84n8g15c1895dv.js Show response
cdn.petametrics.com/ 165 KB
48 KB 64ms
19ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/2v84n8g15c1895dv.js?ts=457442
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26d5bf13e1916e7f19a9d7f2c0ca803dd1c3b7133222992f77e8d45ec4a5f653

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 20:19:41 GMT
server: AmazonS3
x-amz-request-id: Q6YGN8V9TQYBD4CZ
etag: "7ff22d09d14404816d3c9e109840e5b6"
x-hw: 1646792411.cds150.am5.hn,1646792411.cds263.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
content-length: 49143
accept-ranges: bytes
x-amz-version-id: OrX5gM9_U23XC_pNmtftFW7rcttwutvK
x-amz-id-2: KIJWVN+u2GT/eKx9b/Bl7ScYRUiZVB4j2+P1+5sMWcq7ojJ+p6WwYncUQWXchCkObTNdI1JSXh0=

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 74ms
23ms Script
application/x-javascript 2600:9000:2104:8c00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8c00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:13:09 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 22:23:33 GMT
server: nginx
age: 4022
etag: W/"61fc55e5-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: MKvTOhaFM038GGPjz7c-vff1JC5HaCoUWMYvtQYvARgi1qsqpm6bJA==
expires: Wed, 09 Mar 2022 03:13:09 GMT

GET
H2 200 init.js Show response
api.deep.bi/v3/ 67 KB
24 KB 77ms
35ms Script
application/javascript 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v3/init.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2faf7911101f5a49100c25d25b355d0bf995adcf50525c580864fe42fd6fa9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blogs.oglobo.globo.com/
Origin: https://blogs.oglobo.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 09 Mar 2022 02:03:52 GMT
server: cloudflare
age: 979
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-if-error=3600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
cf-ray: 6e905478ecff9bbc-FRA

GET
H2 200 15688-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 60 KB
5 KB 22ms
8ms XHR
application/json 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 69e86514be1b54e30a3c6f91db0a028adecbf50b60c123bea3aec29e208ab434

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 01:41:01 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5379

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 72ms
21ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220309

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3edfc5cf2993af615b3e6952055d1d26acd1bdbe1240257ed7aa25e3c88f2a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22691
x-jsd-version: 1.0.1274
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19143-FRA, cache-hhn4068-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66e-LkMc4oDMmQLGoGkC6sUX+UnStf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6e9054793fa56910-FRA

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
312 B 1512ms
1503ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c13188c570ea530c7750409fe23659b3647a8c3cb506351f56ba17e7a97fb4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e905478fa379be8-FRA
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Wed, 09 Mar 2022 03:20:12 GMT

GET
H/1.1 200
OK CircularSpUIv3T-Bold.8d0a45cc.woff2
open.scdn.co/cdn/fonts/ Frame 1C08 71 KB
72 KB 45ms
7ms Font
application/octet-stream 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/fonts/CircularSpUIv3T-Bold.8d0a45cc.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 897cda707d438f8d6b6b92cfcb2c1fd2035ff59f5f0c5b9943d2f04d411f7fda

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:11 GMT
Last-Modified: Fri, 21 Jan 2022 03:17:01 GMT
Age: 4056403
ETag: "c147cc237b8b07e0a8875dfbbe857b29"
X-Served-By: cache-ord1729-ORD, cache-hhn11559-HHN
X-Cache: HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 72840
X-Cache-Hits: 1, 232544

GET
H/1.1 200
OK spoticon_regular_2.d319d911.woff2
open.scdn.co/cdn/fonts/ Frame 1C08 56 KB
56 KB 50ms
6ms Font
application/octet-stream 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/fonts/spoticon_regular_2.d319d911.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:11 GMT
Last-Modified: Mon, 07 Feb 2022 11:21:58 GMT
Age: 2558747
ETag: "3b7bbfac9ed3e75d426728e900579aa9"
X-Served-By: cache-ord1728-ORD, cache-hhn11521-HHN
X-Cache: HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 56996
X-Cache-Hits: 1, 8275

GET
H/1.1 200
OK embed.5deeee5f.css
open.scdn.co/cdn/build/embed/ Frame 1C08 9 KB
2 KB 44ms
6ms Stylesheet
text/css 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/build/embed/embed.5deeee5f.css
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ddf42245fe4d2966e95db9c2d44a908a37bbe952453aa148c6261444b5ca8ab3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Feb 2022 11:39:01 GMT
Age: 2817468
ETag: "5b65f0732a00af120dba40a752323e96"
X-Served-By: cache-ord1726-ORD, cache-hhn11527-HHN
X-Cache: HIT, HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1207
X-Cache-Hits: 1, 78532

GET
H/1.1 200
OK vendor~embed.550b1e0b.js Show response
open.scdn.co/cdn/build/embed/ Frame 1C08 902 KB
268 KB 48ms
6ms Script
application/javascript 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/build/embed/vendor~embed.550b1e0b.js
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4c6b42511617ece0e6fe041a96722bc878b658c78941a2b0670068194d2b4beb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Feb 2022 10:09:37 GMT
Age: 749192
ETag: "627890522ed050437c6e28481a10be99"
X-Served-By: cache-ord1746-ORD, cache-hhn11554-HHN
X-Cache: HIT, HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 273626
X-Cache-Hits: 13, 72

GET
H/1.1 200
OK embed.97b93a27.js Show response
open.scdn.co/cdn/build/embed/ Frame 1C08 601 KB
138 KB 48ms
6ms Script
application/javascript 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/build/embed/embed.97b93a27.js
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 56c38052c571ec5b73124a97eef160d6e45b49722abb2a91f85c53343faa4c34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 14:06:58 GMT
Age: 43775
ETag: "9dab155804c3eadfab8e55cd048c6bf1"
X-Served-By: cache-ord1737-ORD, cache-hhn11524-HHN
X-Cache: HIT, HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 140911
X-Cache-Hits: 3, 244

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/2fd2ad45/www-widgetapi.vflset/ 152 KB
49 KB 91ms
39ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2fd2ad45/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45dc5dedead2b778c3973a826902175513d9c1024eb7dae00336f0bf41fb65c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50272
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 01:19:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Mar 2023 02:13:25 GMT

GET
H2 200 whatsapp_image_2022-03-08_at_15.12.39.jpeg
s2.glbimg.com/KbcaOum2Kl8phNzXQVYGeEaC0tI=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/08/ 2 KB
2 KB 256ms
255ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/KbcaOum2Kl8phNzXQVYGeEaC0tI=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/08/whatsapp_image_2022-03-08_at_15.12.39.jpeg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: fa04319a232ee5bbb6057c2a50c91523e75dc14684ac1dd356a609f953944b62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 2.0 CachOS
x-bip: 402239710 ra09 20 03
age: 20700
etag: "11af9e0e15956ac8b7d9da86b1fb882d17ddbf1f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 1612
x-request-id: 2d6fd262-5cb9-4b37-9f4c-a19305c7c437
expires: Thu, 07 Apr 2022 20:12:48 GMT

GET
H2 200 de_olho_no_zap_malu_gaspar-2.jpg
s2.glbimg.com/Gfj0XDoMYXXD8-je6JAOKcbqiGA=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/07/ 4 KB
4 KB 256ms
255ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/Gfj0XDoMYXXD8-je6JAOKcbqiGA=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/07/de_olho_no_zap_malu_gaspar-2.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 3fed16689acb8ac4296524824645bce5ed09211edf532e91a60a68a773ee8e21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 2.0 CachOS
x-bip: 155290786 ra09 20 03
age: 50772
etag: "12c98a6bc6abb97550aa1a502938d3a924475257"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 3654
x-request-id: 3ec99478-4021-4c26-aab6-8758c5c90997
expires: Thu, 07 Apr 2022 11:48:51 GMT

GET
H2 200 77633155_sao_paulo_sp_28062018_eleicoes-datena_-_a_coligacao_acelera_sao_paulo_formada_pelos_par.jpg
s2.glbimg.com/9Txxdah0HsaNjj1QhWgwP-FGjOI=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2018/07/06/ 6 KB
6 KB 257ms
256ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/9Txxdah0HsaNjj1QhWgwP-FGjOI=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2018/07/06/77633155_sao_paulo_sp_28062018_eleicoes-datena_-_a_coligacao_acelera_sao_paulo_formada_pelos_par.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 3b34614c1654b65b49dcc355e14fc66c2d96511299e7231b5c5960385935d54a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 2.0 CachOS
x-bip: 399470952 ra09 20 03
age: 139998
etag: "dffe0a61f29e1a12148bd106e81744538fb4056e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 5830
x-request-id: 1d09d6ea-8f68-4e2d-a522-61bdc6641e31
expires: Wed, 06 Apr 2022 07:37:58 GMT

GET
H2 200 85687723_bsb_-_brasilia_-_brasil_-_14-11-2019_-_brics_-_na_foto_o_presidente_da_russia_vladimir_put.jpg
s2.glbimg.com/XycDynANWk2tvUDoC17NqUnGqPk=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/02/24/ 2 KB
3 KB 256ms
255ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/XycDynANWk2tvUDoC17NqUnGqPk=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/02/24/85687723_bsb_-_brasilia_-_brasil_-_14-11-2019_-_brics_-_na_foto_o_presidente_da_russia_vladimir_put.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 2a97b811be435ccde4c88a67e0b08cd38e44e7f9532c6242f87e66bddd82fd67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 2.0 CachOS
x-bip: 156703211 ra09 20 03
age: 410870
etag: "16ee5d0d50aa808aa36caba59b1169e115f2ebd2"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 2522
x-request-id: f0696c76-a11f-4529-8be0-fecc5d4d0609
expires: Sun, 03 Apr 2022 08:12:20 GMT

GET
H2 200 lauro-jardim.png
s2.glbimg.com/ql_8Hc1sv4FV9ECYqHPkg4LYFak=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 6 KB
6 KB 251ms
248ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/ql_8Hc1sv4FV9ECYqHPkg4LYFak=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/lauro-jardim.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 8ba77acafe3704e98738f79d44b0a4ecc1d5ba1279b037757a1e9996750075be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 2.0 CachOS
x-bip: 296258392 ra09 20 03
age: 429149
etag: "290a32f393a662cf9f0fe93fb718956d64b7268e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 5730
x-request-id: 0f618e04-21dc-4f41-bdbc-b8b65442e111
expires: Sun, 03 Apr 2022 03:07:41 GMT

GET
H2 200 bela-megale.png
s2.glbimg.com/vpTXkNqynRgX0eur8JDdM0gF5JU=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 8 KB
8 KB 250ms
248ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/vpTXkNqynRgX0eur8JDdM0gF5JU=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/bela-megale.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 732d42a342d4fff357eb416ce4361d3b20d81948f73fcbf21d8574c2dca53e5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 2.0 CachOS
x-bip: 402140767 ra09 20 03
age: 429149
etag: "f1c5f9368530b9ee4a4f44138a96068a54ee733f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 8140
x-request-id: da720a47-fe94-43f5-9646-98d80120978b
expires: Sun, 03 Apr 2022 03:07:41 GMT

GET
H2 200 vera-magalhaes.png
s2.glbimg.com/JtLshQ6k4UsWJvjORUQfwYyAR68=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 7 KB
7 KB 250ms
248ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/JtLshQ6k4UsWJvjORUQfwYyAR68=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/vera-magalhaes.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 500d5f282915d0ca5131de4105194e6e9d42045ceb04e4ca814b5de72e24e1ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 2.0 CachOS
x-bip: 219878038 ra09 20 03
age: 429149
etag: "e3b63f57430c5edae529e279d08789697dd8e567"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 6684
x-request-id: 2f38a4c3-9bc4-442e-90b9-22f919703bae
expires: Sun, 03 Apr 2022 03:07:41 GMT

GET
H2 200 merval-pereira.png
s2.glbimg.com/cYGryP8LpXJt_mwsufw7KP2JQR8=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 5 KB
5 KB 250ms
248ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/cYGryP8LpXJt_mwsufw7KP2JQR8=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/merval-pereira.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 49cd1c5d3ec59da0b3dbf261e5b921acd2a425d03fa5af46831d1a4750ef4416

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 2.0 CachOS
x-bip: 177442928 ra09 20 03
age: 429100
etag: "1ee251bcb1da3eed3cb9ec5ecaffac621c754513"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 5212
x-request-id: 1cebb58d-4fa9-4157-8e16-0358e5b7eb8c
expires: Sun, 03 Apr 2022 03:08:31 GMT

GET
H2 200 bernardo-mello-franco.png
s2.glbimg.com/1J75iuQfzv2Vqn30KNYDuPPfg6A=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 5 KB
6 KB 250ms
249ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/1J75iuQfzv2Vqn30KNYDuPPfg6A=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/bernardo-mello-franco.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 1f0d88fbcf99c888a2369a9d42ff96524c97d8fc1e6c0409395653afe68f7563

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 2.0 CachOS
x-bip: 182163563 ra09 20 03
age: 429149
etag: "21c244aadbc8971229da9bc94bf8f52a9701d1a2"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D012
access-control-allow-headers: Content-Type
content-length: 5376
x-request-id: dd6dfa58-a7f7-4d3c-9b0d-322273a40e77
expires: Sun, 03 Apr 2022 03:07:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 35ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=705216002929827&ev=PixelInitialized&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646792411066

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 09 Mar 2022 02:20:11 GMT

GET
H3 200 792893547449051 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/792893547449051?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca774896b89643ab9db841169553bf60196fff1981f16b0db923f6908788f773

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89096
x-xss-protection: 0
pragma: public
x-fb-debug: Cv57Gkf4CFNsAjypakH5T1WEdc4VIHjYHfFfMJnxsdwXT7Cu+dj/DdrGySJQRn5gS3rvoQyTAw8kNlIdgYdRww==
x-frame-options: DENY
date: Wed, 09 Mar 2022 02:20:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 293ms
95ms Image
image/gif 54.86.181.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=oglobo.globo.com&p=%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&u=B4V-EoBPFoSGCGmIiJ&d=blogs.oglobo.globo.com&g=56624&g0=Blogs%2CBlogs%2Fmalu-gaspar&g1=No%20Author&g4=post&n=1&f=00001&c=0&x=0&m=0&y=5555&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=5773&_c=newstarde&_m=email&_x=newsletter&t=DPAWWWDDlrpTB1K9jvBXIcSjRaF92&V=129&i=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&tz=0&_acct=anon&sn=1&sv=Cx9G0yDgQ1fGCgXj_oCfO4sVCzuxPz&sd=1&im=061b2ff3&_
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.181.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-181-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 __inventory.gif
query.petametrics.com/v1/ 35 B
93 B 147ms
110ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v1/__inventory.gif?ts=1646792411117&jsk=2v84n8g15c1895dv&jsv=20220216&cu=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&item=%7B%22opinion%22%3A%5B%22true%22%5D%2C%22content_tier%22%3A%5B%22metered%22%5D%2C%22location%22%3A%5B%22country%3Abrazil%22%5D%2C%22tag%22%3A%5B%22Waldir%20Ferraz%22%2C%22Jair%20Bolsonaro%22%2C%22isen%C3%A7%C3%A3o%20de%20imposto%22%2C%22asa%20delta%20%22%2C%22jet%20ski%22%5D%2C%22type%22%3A%5B%22website%22%5D%2C%22site_name%22%3A%5B%22Blogs%20O%20Globo%22%5D%2C%22url%22%3A%5B%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%5D%2C%22image%22%3A%5B%22https%3A%2F%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2020%2F09%2F25%2Fa.jpg%22%5D%2C%22title%22%3A%5B%22Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%22%5D%2C%22description%22%3A%5B%22%20Por%20Malu%20Gaspar%20e%20Mariana%20Carneiro%20Amigo%20de%20longa%20data%20de%20Jair%20Bolsonaro%2C%20Waldir%20Ferraz%20afirma%20que%20atuou%20diretamente%20para%20que%20o%20governo%20zerasse%20a%20...%22%5D%2C%22locale%22%3A%5B%22pt_BR%22%5D%2C%22id%22%3A%5B%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%5D%2C%22authors%22%3A%5B%22%22%5D%2C%22category%22%3A%5B%22blogs-outros%22%5D%2C%22content_type%22%3A%5B%22post%22%5D%2C%22image145%22%3A%5B%22https%3A%2F%2Fs2.glbimg.com%2FqnZS32na7RVJzlkodGMBuqa8KNw%3D%2F145x87%2Fsmart%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2020%2F09%2F25%2Fa.jpg%22%5D%2C%22image105%22%3A%5B%22https%3A%2F%2Fs2.glbimg.com%2FQTcS7TDw8GQyBFsdVhcPCeE8tkA%3D%2F105x105%2Fsmart%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2020%2F09%2F25%2Fa.jpg%22%5D%2C%22published_time%22%3A%5B%222022-03-03T14%3A15%3A19-03%3A00%22%5D%2C%22modified_time%22%3A%5B%222022-03-03T14%3A20%3A35-03%3A00%22%5D%2C%22section%22%3A%5B%22Malu%20Gaspar%22%5D%2C%22protected%22%3A%5B%220%22%5D%2C%22teaser%22%3A%5B%220%22%5D%2C%22sponsored%22%3A%5B%220%22%5D%7D&ttl=0
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 __activity.gif
query.petametrics.com/v3/2v84n8g15c1895dv/5524d247-2a1c-48d3-f833-e274c44fd7e1/ 35 B
175 B 146ms
109ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/2v84n8g15c1895dv/5524d247-2a1c-48d3-f833-e274c44fd7e1/__activity.gif?e=pageview&ct=Isen%C3%A7%C3%A3o+de+tarifa+para+asa+delta+foi+pedido+de+amigo+de+Bolsonaro+%7C+Malu+Gaspar+-+O+Globo&ccu=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&tspl=5788&blst=5649&ist=5782&iet=5787&bdst=5649&bdet=5744&bcttt=8&ts=1646792411120&jsk=2v84n8g15c1895dv&jsv=20220216&cu=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&uid=5524d247-2a1c-48d3-f833-e274c44fd7e1&sid=d1a32475-7fd9-44a1-c57d-f3ad5463a67a&pvid=f93c121a-5540-4b18-c041-cac9e3a28e20&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 09 Mar 2022 02:20:11 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK ab67656300005f1feef79be49cb4c6613e44382e
i.scdn.co/image/ Frame 1C08 25 KB
25 KB 30ms
7ms Image
image/jpeg 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/ab67656300005f1feef79be49cb4c6613e44382e
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c60bb9b0e504362a194028c89e93a7aed3dcb173d9fe38ee129d7a35cd84dcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:11 GMT
Last-Modified: Mon, 03 May 2021 17:10:24 GMT
Age: 1184109
ETag: "e6a17f48fea8cdda8e517c9e48eda86c"
X-Served-By: cache-ord1742-ORD, cache-hhn11554-HHN
X-Cache: HIT, HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 25207
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK CircularSpUIv3T-Book.3466e0ec.woff2
open.scdn.co/cdn/fonts/ Frame 1C08 67 KB
68 KB 7ms
7ms Font
application/octet-stream 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/fonts/CircularSpUIv3T-Book.3466e0ec.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1e9022d2e68559c3306657470dc8b02a28508564a67a45d70012205aca3eba47

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:11 GMT
Last-Modified: Wed, 08 Sep 2021 15:56:05 GMT
Age: 15674998
ETag: "6ff898ba447ac00bc6e457d25bcb0be8"
X-Served-By: cache-ord1734-ORD, cache-hhn11521-HHN
X-Cache: HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 68852
X-Cache-Hits: 1, 20418

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
459 B 139ms
122ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=l67dw&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=068aca66-9bff-4040-a5cd-f071b7cd7903&tw_document_href=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 116
date: Wed, 09 Mar 2022 02:20:10 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 19fd38d89583819a1f486c37bfcbd9b260fa4fb4e4485a9edfd55bfc0a9007da
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
336 B 140ms
123ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=l67dw&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=068aca66-9bff-4040-a5cd-f071b7cd7903&tw_document_href=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 116
date: Wed, 09 Mar 2022 02:20:10 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 28b81ca443455ca359c90b8e030f3d05a3751cc31ae6efab33f740db35871e12
content-length: 43

GET
H3 200 410270039520634 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/410270039520634?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d09e94db96acb4c513ae0008417ee87a4e6eb342fefb29da4ec4419573f6d0f7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89132
x-xss-protection: 0
pragma: public
x-fb-debug: s92BFF5mmVbcUmXJXXIqAR8hZsR3XLA9779HpgcxfLzSOy1NvfAzZ0uliGWCrDpTi3rDlHvwTr3Ie2LKBEEOMQ==
x-frame-options: DENY
date: Wed, 09 Mar 2022 02:20:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=792893547449051&ev=PageView&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646792411182&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646792411181.1508579004&it=1646792411074&coo=false&exp=p1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 02:20:11 GMT

POST
H2 200 / Show response
o22381.ingest.sentry.io/api/1409086/envelope/ Frame 1C08 2 B
245 B 58ms
22ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.550b1e0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://open.spotify.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

GET
H2 200 / Show response
apresolve.spotify.com/ Frame 1C08 273 B
268 B 51ms
20ms Fetch
application/json 2600:1901:0:524d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by: Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.550b1e0b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 1fb137baa4b4a6efae7b511ceaabab34eab2e5e2e3a75a9f51abc43ba6de2490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108
via: 1.1 google

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1064234515/ 3 KB
2 KB 139ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064234515/?random=1646792411375&cv=9&fst=1646792411375&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&ig=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2bd43b43ecdcc79ff351eddc6a116c15377c82d39695d82387fcbf7f1ed1faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1211
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/984971963/ 3 KB
1 KB 140ms
54ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984971963/?random=1646792411377&cv=9&fst=1646792411377&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&ig=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3aeee22059091c3247d022e78ba2542125eff1e193b7a4a030823681993a9552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51216819-11&cid=1281472035.1646792411&jid=2016691672&gjid=1515470430&_gid=459233599.1646792411&_u=YGBAgEABAAAAAE~&z=1781688464

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Mar 2022 02:20:11 GMT
content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
537 B 148ms
48ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 84ms
38ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 06:24:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71755
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tv4.min.js Show response
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 28 KB
10 KB 226ms
225ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-openstack-request-id: txe9f92f8dc6dc437dbf611-006178410f
last-modified: Fri, 25 May 2018 14:11:50 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1527257509.32548
cache-control: public, max-age=31536000
x-trans-id: txe9f92f8dc6dc437dbf611-006178410f
x-request-id: 0a5ef98e-5666-4fc7-96e3-c1236e5ba668

GET
H2 200 horizon-client-js.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 11 KB
4 KB 225ms
225ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=201810192058
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-openstack-request-id: tx2acc0a48ba6a450b9a464-0062280e42
last-modified: Fri, 13 Nov 2020 17:21:38 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1605288097.88717
cache-control: public, max-age=600
x-trans-id: tx2acc0a48ba6a450b9a464-0062280e42
x-request-id: d7e25e55-0820-4120-a54a-19558243de22

GET
H/1.1 200 i
ivccf.ivcbrasil.org.br/ 43 B
461 B 1355ms
538ms Image
image/gif 35.80.125.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivccf.ivcbrasil.org.br/i?stm=1646792411479&e=pv&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&page=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=9&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=2fb37f2e-f2f3-4997-b7b4-8b86cf97b108&dtm=1646792411477&vp=1600x1200&ds=1600x5555&vid=1&sid=6bfb72a2-8d12-4da7-8b4a-efdaaecd6405&duid=5ff3b2bd-3f6b-4009-a39d-1a3a96979b2b&fp=3344960793
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.80.125.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-125-235.us-west-2.compute.amazonaws.com
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:12 GMT
Server: Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 200 utag.114.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/ 6 KB
2 KB 8ms
7ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.114.js?utv=202001231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cf8524fe3df4089aaccb94904c865d32a9296371f3595b8d20828501739ac66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2021 14:46:46 GMT
server: AkamaiNetStorage
etag: "9c019eda3facc81fb1d1142a818a7811:1610117206.926317"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2153
expires: Thu, 24 Mar 2022 02:20:11 GMT

GET
H2 200 utag.159.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/ 1 KB
927 B 8ms
8ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.159.js?utv=201911252026
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a7c39868fc1fc707911067e2198b65860f351942aa5fdca625d52b24de8545bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2021 14:46:45 GMT
server: AkamaiNetStorage
etag: "cc2306e0f9a6ea18b631d36b225520c0:1610117205.684899"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 698
expires: Thu, 24 Mar 2022 02:20:11 GMT

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 226ms
225ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js

Requested by

Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 894710542 ra02 05 03
age: 2229
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: 1322e36a-6e17-4910-b33c-497ba2bd3079
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0AB1500D
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:43:01 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035227/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
347 B

15ms
14ms

Script
application/javascript

65.9.78.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 65.9.78.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-116.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:56:43 GMT
via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1408
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: biRsgs1iMVpPl_SmaTMB70aqLA4Umfzwebq2iVziO_yFXXJ28D1Byg==

Redirect headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: kB_Tswgp-MyOM2snkcVe55P7UbudTjGxqhk8gEXlE-rSlxfnQZ8osQ==

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1646792411487&ns_c=UTF-8&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%2...
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1646792411487&ns_c=UTF-8&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%...

64 B
328 B

33ms
32ms

Image
image/gif

65.9.78.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1646792411487&ns_c=UTF-8&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9=
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 65.9.78.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-116.ams1.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: Oc4T2WQVRsOlMIyMpnH0Wji-pUDg7Lu4ubg4CtmwXh4ZCO4x4yAoMw==

Redirect headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1646792411487&ns_c=UTF-8&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9=
content-length: 455
x-amz-cf-id: -EpVTk-MiFwf5TP7GRnyDpE3RYM2_3xN2REoTeIt0o7Fe8-L8CzfYw==

OPTIONS
H2 204 function-hermes
us-central1-white-list-566.cloudfunctions.net/ Frame 0
0 170ms
123ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-white-list-566.cloudfunctions.net/function-hermes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-max-age: 3600
content-type: text/html; charset=utf-8
function-execution-id: zab2xa9x45uz
x-cloud-trace-context: 0b95bd42e9f08134c1e465d260a69c51
date: Wed, 09 Mar 2022 02:20:11 GMT
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 1.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 27 KB
5 KB 229ms
228ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: a0b4ba1e324e044ece6be49b1920184bf4d9250689e1bb2fc551f5d2ae2fe003

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:50:24 GMT
Content-Encoding: gzip
Age: 1786
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 4558
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a03d77f0-6b23-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 9429

GET
H/1.1 200
OK 17.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 6 KB
2 KB 457ms
228ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/17.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: ad60ae41b6900e1f42ff17b3a4fa05d0c5dd7b88470e1bff9dd4fbd7ccbce98b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:50:23 GMT
Content-Encoding: gzip
Age: 1788
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1885
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a0615f34-16bd-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 9501

POST
H3 200 function-hermes Show response
us-central1-white-list-566.cloudfunctions.net/ 29 B
67 B 224ms
193ms Fetch
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-white-list-566.cloudfunctions.net/function-hermes
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: d5229b2bfadd599d39120f6ff602363038f3a840e0aece62865636f1ac30872f

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
server: Google Frontend
content-type: application/json
access-control-allow-origin: https://blogs.oglobo.globo.com
x-cloud-trace-context: 04b039a3ab937e91f91138a647834d80
cache-control: private
access-control-allow-credentials: true
function-execution-id: 6qorqxrj8o28
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49

GET
H2 200 cadun.js Show response
s.glbimg.com/pc/ca/ 14 KB
6 KB 227ms
226ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/cadun.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1030193993 ra02 05 03
age: 170113
content-length: 5547
x-xss-protection: 1; mode=block
x-request-id: 73b653d7-6a21-43bf-9bd4-dc9c503589de
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB1500D
etag: W/"6011d1fe-3759"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 14 Mar 2022 03:04:57 GMT

GET
H2 200 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 16 B
580 B 49ms
33ms XHR
text/plain 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a16b29a1b439bba8c31f0706b64055b5a283b3c22a8576007765c2ac84de3f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 6e90547c5b329b2b-FRA
pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
p3p: policyref="http://api.deep.bi/w3c/p3p.xml", CP="ADMa DEVa TAIa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
content-length: 16
expires: 0

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 26ms
26ms Preflight 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e90547c18029bbc-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 141ms
51ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-11&cid=1281472035.1646792411&jid=2016691672&_u=YGBAgEABAAAAAE~&z=1883498367

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 137ms
53ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-11&cid=1281472035.1646792411&jid=2016691672&_u=YGBAgEABAAAAAE~&z=1883498367

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 player.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/ 2 MB
555 KB 234ms
234ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 5042161c4a24ceca086995677e9d8a23e7270065023c81dafee83efbb95cf18a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-openstack-request-id: txccf523d1733547cfa87a2-0062280931
last-modified: Thu, 03 Feb 2022 14:54:40 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1643898583.000000
x-timestamp: 1643900079.58871
cache-control: public, max-age=1800
content-type: application/javascript
x-trans-id: txccf523d1733547cfa87a2-0062280931
x-request-id: 6ad9d750-69e9-48a3-88a8-f2fbf7e57bf5

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=PageView&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646792411543&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646792411181.1508579004&it=1646792411074&coo=false&tm=1&exp=p1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 02:20:11 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=ViewContent&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646792411544&sw=1600&sh=1200&v=2.9.55&r=stable&ec=1&o=30&fbp=fb.1.1646792411181.1508579004&it=1646792411074&coo=false&tm=1&exp=p1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 02:20:11 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=ContentData&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646792411544&cd[idMateria]=%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&cd[dtPublicacao]=20220303&cd[tipoConteudo]=post&cd[conteudoExclusivo]=N%C3%A3o&cd[topicos]=&sw=1600&sh=1200&v=2.9.55&r=stable&ec=2&o=30&fbp=fb.1.1646792411181.1508579004&it=1646792411074&coo=false&tm=2&exp=p1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 02:20:11 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1064234515/ 42 B
154 B 76ms
53ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1064234515/?random=1646792411375&cv=9&fst=1646791200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&async=1&fmt=3&is_vtc=1&random=483386466&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1064234515/ 42 B
108 B 62ms
59ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1064234515/?random=1646792411375&cv=9&fst=1646791200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&async=1&fmt=3&is_vtc=1&random=483386466&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/984971963/ 42 B
64 B 99ms
51ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/984971963/?random=1646792411377&cv=9&fst=1646791200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&async=1&fmt=3&is_vtc=1&random=2722316196&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/984971963/ 42 B
154 B 56ms
53ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/984971963/?random=1646792411377&cv=9&fst=1646791200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&async=1&fmt=3&is_vtc=1&random=2722316196&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
466 B 181ms
82ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 sexqhznbn.js Show response
cdn.krxd.net/controltag/ 75 KB
21 KB 38ms
7ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.159.js?utv=201911252026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5eb0c95f0d7179c64baa27e947a3e78dc669a72397f690adfec421d751cf3446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 09 Mar 2022 02:20:11 GMT
via: 1.1 varnish, 1.1 varnish
age: 1005
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 20776
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kjyo7100035-IAD, cache-hhn4039-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1646792412.711153,VS0,VE0
etag: "5de8f588c1acbc44ba73a5864b7b57b763c894e2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 11

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 134ms
47ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.114.js?utv=202001231859

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

162.248.215.35.bc.googleusercontent.com

Software

sffe /

Resource Hash

d3e03356c9dcc487b194fa5d0ae3b43d578c114aeb8225ef28d8d44d4432aac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27774
x-xss-protection: 0
server: sffe
etag: "1154 / 658 of 1000 / last-modified: 1646780693"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Mar 2022 02:20:11 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 8ms
7ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=globo/infoglobo.oglobo/202203041504&cb=1646792411551
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 09 Mar 2022 02:30:11 GMT

GET
H2 200 get_access_token Show response
open.spotify.com/ Frame 1C08 188 B
438 B 40ms
39ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/get_access_token?reason=transport&productType=embed

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.550b1e0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

b92316177e083f663a9c2a8d199d52a7977633ace7690f2911e4cbb2530b1a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sp-trace-id: c5c5eea3d9f54511
date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
spotify-request-id: 81f2d1e7-31dc-4c1c-925f-30993c7a8172
vary: Accept-Encoding,Accept-Encoding
content-type: application/json; charset=utf-8
via: HTTP/2 edgeproxy, 1.1 google
strict-transport-security: max-age=31536000
alt-svc: clear
server: envoy
x-join-the-band: https://www.spotify.com/jobs/

POST
H2 200 events Show response
gew1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 1C08 13 B
106 B 133ms
132ms Fetch
application/json 2600:1901:1:5ca::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew1-spclient.spotify.com/gabo-receiver-service/public/v3/events

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.550b1e0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:5ca:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://open.spotify.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date: Wed, 09 Mar 2022 02:20:11 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 39
via: HTTP/2 edgeproxy, 1.1 google

POST
H2 200 events Show response
gew1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 1C08 13 B
139 B 140ms
139ms Fetch
application/json 2600:1901:1:5ca::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew1-spclient.spotify.com/gabo-receiver-service/public/v3/events

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.550b1e0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:5ca:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://open.spotify.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date: Wed, 09 Mar 2022 02:20:11 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 39
via: HTTP/2 edgeproxy, 1.1 google

OPTIONS
H2 200 events
gew1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 0
0 101ms
55ms Preflight 2600:1901:1:5ca::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew1-spclient.spotify.com/gabo-receiver-service/public/v3/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:5ca:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://open.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Wed, 09 Mar 2022 02:20:11 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

OPTIONS
H2 200 events
gew1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 0
0 67ms
21ms Preflight 2600:1901:1:5ca::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew1-spclient.spotify.com/gabo-receiver-service/public/v3/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:5ca:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://open.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Wed, 09 Mar 2022 02:20:11 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 200 15688-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 60 KB
5 KB 9ms
8ms XHR
application/json 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 69e86514be1b54e30a3c6f91db0a028adecbf50b60c123bea3aec29e208ab434

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 01:41:01 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5379

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 39ms
23ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220309

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3edfc5cf2993af615b3e6952055d1d26acd1bdbe1240257ed7aa25e3c88f2a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22690
x-jsd-version: 1.0.1274
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19143-FRA, cache-hhn4053-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66e-LkMc4oDMmQLGoGkC6sUX+UnStf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6e90547c5ce39c01-FRA

POST
H2 204 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 0
34 B 33ms
32ms XHR
text/plain 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cf-ray: 6e90547cbb839b2b-FRA

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 25ms
25ms Preflight 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e90547c986b9bbc-FRA

GET
H2 200 horizon-pageview
horizon.globo.com/auth-session/activity/blogs/ 0
239 B 635ms
202ms Image
text/plain 35.215.248.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horizon.globo.com/auth-session/activity/blogs/horizon-pageview?object=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&Referrer=&tags=&client_version=0.3.11

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.215.248.162 São Paulo, Brazil, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
x-served-from: hzt-tsuru
content-length: 0
strict-transport-security: max-age=60
content-type: text/plain; charset=UTF-8

GET
H2 200 schemas Show response
horizon-schemas.globo.com/ 115 KB
11 KB 695ms
229ms XHR
application/json 186.192.81.117
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-schemas.globo.com/schemas

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.117 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-117.prt.globo.com

Software

Resource Hash

205f829321df9fe22b15f5e4047370daaaa068193dac04c4bb4eca67d2960c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 160640616 ra09 20 15
age: 2921
vary: X-Forwarded-Proto, Accept-Encoding, Origin
content-length: 11250
x-xss-protection: 1; mode=block
x-request-id: 668f3fff-3334-48e0-96bd-eccd60c77e43
access-control-allow-origin: https://blogs.oglobo.globo.com
x-thanos: 0AB4D022
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json; charset=UTF-8
via: 2.0 CachOS
cache-control: max-age=7200, public
accept-ranges: bytes

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B057 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://blogs.oglobo.globo.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Wed, 09 Mar 2022 02:20:11 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 6ms
6ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
age: 1205427
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 684028
content-length: 84509
x-served-by: cache-hhn4039-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1646792412.724263,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 69ms
28ms Script
application/javascript 2606:4700:3032::ac43:bf95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:bf95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: W21G5BEW7RCCHDT7
x-amz-id-2: Zu6ILWClLDymSszCekw1FgRgMXhY9/GZQ0NEsF2aH+IaAnsD6k2rY0pXHao7xZEqORbyGvE2I48=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xfBlWX21nL8QjbuO8oJhpDRR1NwEKt7M4mDnXDaSai4D7TKJ5lzjbqOinvZOQ3RFuKgiU2glQBt%2FA5gvw17yXl1XCtS7Xd8Y%2FY5mWRnZJY1FMRMNGpwakWhKksuPrxWcAGxQ0aguhMQjBqJNqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 6e90547d9fc36987-FRA

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 38ms
18ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51216819-1&cid=1281472035.1646792411&jid=141865452&gjid=810129093&_gid=459233599.1646792411&_u=YGDAgEABAAQCAE~&z=900067611

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Mar 2022 02:20:11 GMT
content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=220978868&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&dp=%2Fpolitica%2Fblogs%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&ul=en-us&de=UTF-8&dt=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAQCAE~&jid=141865452&gjid=810129093&cid=1281472035.1646792411&tid=UA-51216819-1&_gid=459233599.1646792411&gtm=2wg37055NG4R&cd1=%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&cd2=&cd3=&cd4=20220303&cd5=14&cd6=Waldir%20Ferraz%2CJair%20Bolsonaro%2Cisen%C3%A7%C3%A3o%20de%20imposto%2Casa%20delta%20%2Cjet%20ski&cd7=&cd8=N%C3%A3o&cd9=post&cd10=N%C3%A3o&cd45=Campanha%20-%20newsletter%20%2F%20email&cd46=semente&cd49=politica&cd60=N%C3%A3o&cd82=responsivo&cm1=0&cm2=5&cm3=3434&z=1504475257

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 06:24:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71755
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame C76E 805 B
826 B 7ms
6ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Mar 2022 02:20:11 GMT
via: 1.1 varnish
age: 690830
x-served-by: cache-hhn4039-HHN
x-cache: HIT
x-cache-hits: 203529
x-timer: S1646792412.763125,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H/1.1 200
OK oglobo-footer.css
oglobo.globo.com/styles/ 3 KB
2 KB 229ms
228ms Stylesheet
text/css 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/styles/oglobo-footer.css

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/1/scripts/oglobo-footer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

c036d051096780db5070187516c5277d7f6dc7972d6e92e5b6843c07da4a70a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 11:54:16 GMT
Content-Encoding: gzip
Age: 2298355
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 746
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 13 Jan 2022 13:12:54 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a0453365-a1e-5d57671b38180"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 155454

GET
H2 200 login.css
s.glbimg.com/pc/ca/ 846 B
837 B 226ms
226ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/login.css

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 912698436 ra02 05 03
age: 170119
content-length: 431
x-xss-protection: 1; mode=block
x-request-id: a4048228-e836-4483-bbbd-aa31e1ded01e
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB1500D
etag: W/"6011d1fe-34e"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 14 Mar 2022 03:04:52 GMT

POST
H2 200 logged Show response
cocoon.globo.com/v2/user/ 211 B
723 B 703ms
236ms XHR
application/json 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash: e1c643d68af03c118065b9c2d43dfbd49532e4dfe300c18f736863496394f1ff

Request headers

Referer: https://blogs.oglobo.globo.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-thanos: 0A83D0A7
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
p3p: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
x-request-id: e9822eee-95d1-4f78-bb88-7e521073d728

OPTIONS
H2 204 logged
cocoon.globo.com/v2/user/ Frame 0
0 705ms
232ms Preflight 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods: POST, OPTIONS
access-control-allow-credentials: true
x-request-id: 190916f8-29dc-4d4c-9a21-e8f21d0bf00e
x-thanos: 0A83D0A7

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 51ms
50ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-1&cid=1281472035.1646792411&jid=141865452&_u=YGDAgEABAAQCAE~&z=2019380730

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 98ms
50ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-1&cid=1281472035.1646792411&jid=141865452&_u=YGDAgEABAAQCAE~&z=2019380730

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sexqhznbn.js Show response
cdn.krxd.net/controltag/ Frame C76E 75 KB
21 KB 6ms
6ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5eb0c95f0d7179c64baa27e947a3e78dc669a72397f690adfec421d751cf3446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 09 Mar 2022 02:20:11 GMT
via: 1.1 varnish, 1.1 varnish
age: 1005
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 20776
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kjyo7100035-IAD, cache-hhn4039-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1646792412.789272,VS0,VE0
etag: "5de8f588c1acbc44ba73a5864b7b57b763c894e2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 12

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame C76E 259 KB
83 KB 7ms
6ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
age: 1205427
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 684029
content-length: 84509
x-served-by: cache-hhn4039-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1646792412.800264,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 235 B
431 B 54ms
32ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9f1508da4c7e232fecfa9d9ca9c8d6d4097d449c91b20d51903af021612c1214

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a004-dub-prod.krxd.net, cache-hhn4041-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646792412.830521,VS0,VE26
content-length: 192
x-cache-hits: 0, 0

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ Frame C76E 220 B
286 B 36ms
36ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ac503e69c9c74d1462df9006432bf482e29377950d614ba73748d5c24611b2e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a011-dub-prod.krxd.net, cache-hhn4041-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646792412.838651,VS0,VE30
content-length: 186
x-cache-hits: 0, 0

GET
H3 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
122 KB 85ms
39ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 21:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 21:34:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1002 B
350 B 94ms
48ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f8c3be568f18447a98349ceceb4a2ea026ade7ee95bfe8f050544f302652243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Wed, 09 Mar 2022 02:20:11 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C76E
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3ROUE1lOEE
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEFiirjbpOyN8-vkgn2UULKw&google_cver=1

0
336 B

27ms
27ms

Image
text/plain

52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEFiirjbpOyN8-vkgn2UULKw&google_cver=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=46 t=1646792412
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEFiirjbpOyN8-vkgn2UULKw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C76E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3ROUE1lOEE
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEFiirjbpOyN8-vkgn2UULKw&google_cver=1

0
337 B

97ms
27ms

Image
text/plain

52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEFiirjbpOyN8-vkgn2UULKw&google_cver=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1646792412
x-served-by: beacon-n023-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEFiirjbpOyN8-vkgn2UULKw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C76E
Redirect Chain

https://stags.bluekai.com/site/26357?id=OtNPMe8A&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOtNPMe8A%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
https://beacon.krxd.net/usermatch.gif?_kuid=OtNPMe8A&partner=bluekai&bk_uuid=$_BK_UUID

0
336 B

27ms
27ms

Image
text/plain

52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?_kuid=OtNPMe8A&partner=bluekai&bk_uuid=$_BK_UUID
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=54 t=1646792412
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?_kuid=OtNPMe8A&partner=bluekai&bk_uuid=$_BK_UUID
Date: Wed, 09 Mar 2022 02:20:12 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C76E
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=L0O1eYfJg5wbIZtUsBV_ZWKSWrpFpXFx

0
336 B

90ms
28ms

Image
text/plain

52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=L0O1eYfJg5wbIZtUsBV_ZWKSWrpFpXFx
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1646792412
x-served-by: beacon-n014-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=L0O1eYfJg5wbIZtUsBV_ZWKSWrpFpXFx
date: Wed, 09 Mar 2022 02:20:10 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 4136
content-length: 218
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 p
sb.scorecardresearch.com/ Frame C76E 64 B
439 B 25ms
25ms Image
image/gif 65.9.78.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OtNPMe8A&rn=1646792412
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-116.ams1.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:11 GMT
via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: ugTVKpZJ_c_Qvs1XTwD9p2Tz2dbQPJolG_WAMVG1mdvxBGzlBaIBwQ==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C76E
Redirect Chain

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OtNPMe8A&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OtNPMe8A&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=68633144333642168481490765560131111092

0
336 B

28ms
27ms

Image
text/plain

52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=68633144333642168481490765560131111092
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1646792412
x-served-by: beacon-n016-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

DCS: dcs-prod-irl1-1-v029-08e23457e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Nh3p+syLSJ0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=68633144333642168481490765560131111092
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C76E
Redirect Chain

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID
https://beacon.krxd.net/usermatch.gif?adnxs_uid=5833811598947816649

0
336 B

95ms
27ms

Image
text/plain

52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?adnxs_uid=5833811598947816649
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=51 t=1646792412
x-served-by: beacon-n017-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:11 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f8dd1e2b-5935-4220-8c11-14f0627b5e0d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://beacon.krxd.net/usermatch.gif?adnxs_uid=5833811598947816649
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame C76E
Redirect Chain

https://ib.adnxs.com/mapuid?member_id=1780&user=OtNPMe8A
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOtNPMe8A

43 B
848 B

13ms
13ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOtNPMe8A

Requested by

Protocol

HTTP/1.1

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:11 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 02b8bd26-830e-41a1-82b5-a0a34e5dc599
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:11 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cc5dcd1b-2bf7-4a81-a400-4dc3f4ca1a4f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOtNPMe8A
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame C76E 42 B
417 B 62ms
19ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=OtNPMe8A
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:11 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame C76E 0
214 B 38ms
7ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

usersync
pixel-sync.sitescout.com/connectors/krux/ Frame C76E
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=sitescout
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OtNPMe8A&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID

0
191 B

59ms
19ms

Image
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OtNPMe8A&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:11 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OtNPMe8A&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
date: Wed, 09 Mar 2022 02:20:12 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a009-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C76E
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=verizon
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OtNPMe8A
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-WN6nWiRE2pugl1MJjNRjNkJMqsc8SQ6DOA--~A

0
336 B

27ms
27ms

Image
text/plain

52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-WN6nWiRE2pugl1MJjNRjNkJMqsc8SQ6DOA--~A
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1646792412
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 09 Mar 2022 02:20:12 GMT
via: http/1.1 spdc0101.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-WN6nWiRE2pugl1MJjNRjNkJMqsc8SQ6DOA--~A
content-length: 0

GET
H2

200

sync
sync.navdmp.com/ Frame C76E
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=navegg
https://sync.navdmp.com/sync?prtid=30&salid=OtNPMe8A

6 B
60 B

473ms
465ms

Image
application/javascript

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?prtid=30&salid=OtNPMe8A
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e90548069539be8-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

location: https://sync.navdmp.com/sync?prtid=30&salid=OtNPMe8A
date: Wed, 09 Mar 2022 02:20:12 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a014-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C76E
Redirect Chain

https://sync.1rx.io/usersync/krux/OtNPMe8A?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/krux/OtNPMe8A?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1646792412011
https://sync.targeting.unrulymedia.com/csync/RX-68dc7f51-64b6-4e77-a66d-bdeec0306d95-003?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3DRX-68dc7f51-64b6-4...
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-68dc7f51-64b6-4e77-a66d-bdeec0306d95-003

0
336 B

28ms
27ms

Image
text/plain

52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-68dc7f51-64b6-4e77-a66d-bdeec0306d95-003
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1646792412
x-served-by: beacon-n012-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-68dc7f51-64b6-4e77-a66d-bdeec0306d95-003
date: Wed, 09 Mar 2022 02:20:12 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX68dc7f5164b64e77a66dbdeec0306d95003
content-type: text/html

GET getdata.xgi
r.nexac.com/e/ Frame C76E 0
0

GET logos.svg
oglobo.globo.com/132/images/ 0
0

GET icons.svg
oglobo.globo.com/132/images/ 0
0

GET logos.svg
oglobo.globo.com/132/images/ 0
0

GET icons.svg
oglobo.globo.com/132/images/ 0
0

GET
H/1.1 200
OK site-header.js Show response
oglobo.globo.com/scripts/ 3 KB
2 KB 229ms
229ms Script
text/javascript 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/scripts/site-header.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/1/scripts/oglobo-header.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

68fa51098bed0736c2c45bdcb8e5b0bad02b2e5a35b4abecdeeb34876bd5547b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 16:29:19 GMT
Content-Encoding: gzip
Age: 1763452
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 821
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 13 Jan 2022 13:11:12 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a0580ea4-d1d-5d5766b9f1c00-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 220242

GET
H2 200 cl0ixokz0503acmb9h2 Show response
scoring.deep.bi/score/EJntYTLE3eKP/ 2 B
196 B 253ms
243ms XHR
application/json 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scoring.deep.bi/score/EJntYTLE3eKP/cl0ixokz0503acmb9h2?id=deepcookie&column=profile
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: Amp-Access-Control-Allow-Source-Origin, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
access-control-allow-credentials: true
cf-ray: 6e90547f3b109bbc-FRA
content-length: 2

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 49ms
9ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
server: ATS/9.1.0.33
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
319 B 77ms
36ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=1066918640

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 438 B
1 KB 341ms
244ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280410&zone_id=1398996&size_id=16&eid_pubcid.org=bc3900f2-7ff0-4e9f-9e07-921a132a0564%5E1&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=info.web.oglobo&tg_i.page_name=post&tg_i.platform=desktop&tg_i.aupname=%2F85042905.*%26pub-box-materia.*&tg_i.dfp_ad_unit_code=85042905%2Finfo.web.oglobo&tg_i.pbadslot=85042905%2Finfo.web.oglobo&tk_flint=dmpbjs_v5.20.0&x_source.tid=672db4c2-082d-4206-b57e-edbcf62fb038&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9754321111229598
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1ff1e22e7a26ee08a0231d7ac7704fcfddbe41db6f28d11489e49dcb486b95f2

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:12 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 438
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
995 B 13ms
13ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

022ef8d20ed4b93f38386293b039a025ca4ceecd099e86f76b610f284995de89

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:12 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5c0da75f-9e69-4213-9737-822659534582
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
301 B 135ms
110ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 9105a1fa6be61beb11d346f2e8f2002d20f5120c38f289f954686e8b33fd7fd8

Request headers

Referer: https://blogs.oglobo.globo.com/
x-openrtb-version: 2.5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
content-length: 66

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
564 B 134ms
74ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 3 KB
1 KB 76ms
34ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=GTCopIDc5z

Requested by

Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b56ac92d584b8c536b4beb40c42d57794f15bd69a2b4d146c883bb9736603d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 3222
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C6oeg8ruv1R
wn: prod-exp-10-0-86-105
last-modified: Wed, 09 Mar 2022 01:26:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 6e9054801fd1699b-FRA
expires: Wed, 09 Mar 2022 02:50:12 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1B4B 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://blogs.oglobo.globo.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Wed, 09 Mar 2022 02:20:12 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 275 KB
80 KB 54ms
42ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=GTCopIDc5z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e17ef345a3598b3656b160ca57a1a44dab4365894b10c407f4257bb248504e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 61335
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2Y6MCSZCXC69XKBW
x-amz-id-2: PhC6hX9caNh74I4ff1Mwx/NmRGp/I0S9QW8fkW4ZZjKgiBzpnMbc4UC/Hae8bhXUgLe9Fze07GA=
last-modified: Mon, 28 Feb 2022 15:07:54 GMT
server: cloudflare
etag: W/"d766e4371da10c3c8ec5fecc88497ef7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6e9054805814699b-FRA
expires: Wed, 09 Mar 2022 06:20:12 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
311 B 40ms
31ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=GTCopIDc5z

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8612764627a383496e07e1dc1c0a9ccfd5825e1537c939b6ac8f89fbc5a4276d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 52
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C84hg8rr1Kt
pragma
wn: prod-dash-10-200-142-107
last-modified: Wed, 09 Mar 2022 02:19:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.075
cache-control: public, max-age=1200
cf-ray: 6e905480e897699b-FRA
expires: Wed, 09 Mar 2022 02:40:12 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 48 KB
6 KB 147ms
122ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=GTCopIDc5z

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

483f8590f6595578a7afba078bc8f3e3986f4d2f4c4380e5a77d2c18680738e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: qc5h9j0dn2
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6e9054811cfe68f8-FRA

GET
H2 200 stream Show response
oglobo.comentarios.globo.com/embed/ Frame EBCB 3 KB
1 KB 260ms
260ms Document
text/html 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646792100000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde

Requested by

Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/assets/js/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

86a8a6ae06c94509cacf532a3df94869dcd37ec3b13da3d4d2315681fd1ff724

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://oglobo.comentarios.globo.com https://oglobo.globo.com https://blogs.oglobo.globo.com https://kogut.oglobo.globo.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self' https://oglobo.comentarios.globo.com https://oglobo.globo.com https://blogs.oglobo.globo.com https://kogut.oglobo.globo.com
x-trace-id: 732107a0-9f4f-11ec-8865-37e0f9787607
etag: W/"b18-R1R6qpoMVz/SXkPIG8xVV9ogThQ"
x-content-type-options: nosniff
content-language: pt-BR
access-control-allow-headers: Content-Type
content-encoding: gzip

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 132ms
51ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 133ms
48ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 352ms
352ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3326231955320497&correlator=347948061417502&eid=31064835%2C31065488&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&iu_parts=85042905%2Cinfo.web.oglobo&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C970x150&sfv=1-0-38&ecs=20220309&fsapi=false&prev_scp=Editora.pos%3DTop%26Editora.random%3D7&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&abxe=1&dt=1646792412474&lmt=1646792412&dlt=1646792406424&idt=5621&biw=1600&bih=1200&oid=2&adxs=315&adys=178&ucis=1&adks=3847855073&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=970x-1&fws=0&ohw=0&ga_vid=1281472035.1646792411&ga_sid=1646792412&ga_hid=220978868&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3459b1c0b9b1e40a2b204b29af644b8fe33c1d4f19ccc2efbedb7307fa48a0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9027
x-xss-protection: 0
google-lineitem-id: 5770128229
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360598294
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 403 B
246 B 85ms
85ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3326231955320497&correlator=1150556556796591&eid=31064835%2C31065488&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&iu_parts=85042905%2Cinfo.web.oglobo&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&sfv=1-0-38&ecs=20220309&fsapi=false&prev_scp=Editora.pos%3DDhtml%26Editora.random%3D3&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&abxe=1&dt=1646792412478&lmt=1646792412&dlt=1646792406424&idt=5621&biw=1600&bih=1200&oid=2&adxs=800&adys=5632&ucis=2&adks=506899097&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x5746&msz=1600x30&fws=0&ohw=0&ga_vid=1281472035.1646792411&ga_sid=1646792412&ga_hid=220978868&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56dcf879928a13f0be8e8c7ebdf6e68ed9502dc9a36617502e4424aaad1ca0e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 301ms
300ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3326231955320497&correlator=806019062961827&eid=31064835%2C31065488&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&iu_parts=85042905%2Cinfo.web.oglobo&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&sfv=1-0-38&ecs=20220309&fsapi=false&prev_scp=Editora.pos%3DVitrine&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&abxe=1&dt=1646792412480&lmt=1646792412&dlt=1646792406424&idt=5621&biw=1600&bih=1200&oid=2&adxs=315&adys=5246&ucis=3&adks=1132514348&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x600&msz=1600x300&fws=0&ohw=0&ga_vid=1281472035.1646792411&ga_sid=1646792412&ga_hid=220978868&ga_fc=true&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

33.79.211.35.bc.googleusercontent.com

Software

cafe /

Resource Hash

9431c2cb75ab6b1461efb9cecccc56f340422ab5266912788a0d577d64581874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9047
x-xss-protection: 0
google-lineitem-id: 5770128229
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360598297
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3ECB 6 KB
4 KB 172ms
47ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 09 Mar 2022 02:20:12 GMT
expires: Thu, 09 Mar 2023 02:20:12 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 4.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 11 KB
3 KB 229ms
229ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/4.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 3c03ea842496b5ce2c307a811ce2417847ee4b58436c2c652cfc027b83d0b1a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:54:34 GMT
Content-Encoding: gzip
Age: 1537
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 2715
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a0533595-2d6d-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 4567

GET
H/1.1 200
OK 0.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 20 KB
6 KB 232ms
232ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/0.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 7bb6ec6d26f794ab8fc3186182563ede1fbdca9a4f8ba7683675677f4d8919eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:53:57 GMT
Content-Encoding: gzip
Age: 1574
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 5297
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a0438763-4f5e-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 4792

GET
H/1.1 200
OK 6.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 4 KB
2 KB 460ms
229ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/6.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 27f86cb6d0e6ce5790d72abf17446027d5afca9b72661f7658923efd376c2b3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:56:01 GMT
Content-Encoding: gzip
Age: 1451
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1453
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a061a4c7-1157-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 3695

GET
H/1.1 200
OK 2.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 4 KB
2 KB 682ms
227ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/2.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: fa05d2dd8dde6a40e518c7d8f5c54030e6f2c41eb8c2b406c63a8d541c2a16b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:00:24 GMT
Content-Encoding: gzip
Age: 1188
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1479
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a0582e6a-113d-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 1396

POST
H3 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 589 B
843 B 166ms
134ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=GTCopIDc5z

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

906942a931b25fb78f396247af7415b3647de9b701db1549f9f3c3afdb842e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Co5hg8rJLMc
pragma: no-cache
wn: prod-dash-10-0-85-35
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.005
cf-ray: 6e905482498f9a17-FRA
expires: 0

GET
H3 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 1356 9 KB
3 KB 40ms
21ms Document
text/html 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45f3c1493a3f00416d2c563dc069b0b2f1daa3843be7819850af2b9c4b609e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=8435
expires: Wed, 09 Mar 2022 04:40:47 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.002
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-128-220
x-forwarded-https: on
x-request-id: Czbfg8rMRnt
x-xss-protection: 0
cf-cache-status: HIT
age: 2365
last-modified: Wed, 09 Mar 2022 01:40:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e90548238e491ea-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=220978868&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&dp=%2Fpolitica%2Fblogs%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&ul=en-us&de=UTF-8&dt=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Exibicao%20Register&el=showTemplateZKP87MWQMNO1814&_u=aGDAgEABAAQCAE~&jid=&gjid=&cid=1281472035.1646792411&tid=UA-51216819-1&_gid=459233599.1646792411&gtm=2wg37055NG4R&cd1=%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd52=1281472035.1646792411&cd82=responsivo&z=1862628900

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 06:24:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71756
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
498 B 29ms
28ms Image
text/plain 52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=NBK4rYWm&event_type=default&acao=Exibicao%20Register&categoria=Piano&rotulo=showTemplateZKP87MWQMNO1814
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=46 t=1646792412
x-served-by: beacon-n013-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 1356 33 KB
6 KB 21ms
21ms Stylesheet
text/css 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 3055
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-128-104
last-modified: Mon, 28 Feb 2022 17:52:22 GMT
server: cloudflare
etag: W/"33843-1646070742000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 6e905482691f91ea-FRA
expires: Wed, 09 Mar 2022 04:20:12 GMT

GET
H3 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame 1356 30 KB
8 KB 173ms
172ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=GTCopIDc5z&version=1483354452000&language=pt_BR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e203fc1358e2baa0e35cf6999e059b111046b3e42813527475bdbc1759556c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Co5hg8rkeIT
pragma
wn: prod-dash-10-200-14-243
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.002
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 6e905482692191ea-FRA
expires: Wed, 9 Mar 2022 21:20:12 EST

GET
H3 200 platform-translation-map_pt_BR.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 1356 145 KB
40 KB 31ms
30ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_pt_BR.js?version=14.98.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ceb4e4276ef52ab6c3f1c5a3b58745b325829dab7db3b137a755464bead104c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 27347
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-138-79
last-modified: Mon, 28 Feb 2022 17:52:22 GMT
server: cloudflare
etag: W/"148640-1646070742000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400
cf-ray: 6e905482692291ea-FRA
expires: Thu, 10 Mar 2022 02:20:12 GMT

GET
H3 200 H4sIAAAAAAAAAD3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA Show response
buy.tinypass.com/_sam/ Frame 1356 520 KB
156 KB 44ms
43ms Script
text/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA?compressed=true&v=14.98.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe32546d5169b23c05f7018503ecaae96b14615980dea18cc0c825f535bb683

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2364
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-117-181
last-modified: Fri, 04 Mar 2022 11:39:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.005
cache-control: public, max-age=602436
x-optimized-by: _sam
cf-ray: 6e905482692391ea-FRA
expires: Wed, 16 Mar 2022 01:40:48 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 1356 3 KB
1 KB 135ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e801d929d36bbebe0459ab81315d374567394b4da357a1e68e4d08ac6946c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 02:20:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Mar 2022 02:20:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Mar 2022 02:20:12 GMT

GET
H3 404 style.css
buy.tinypass.com/checkout/template/ Frame 1356 0
0 166ms
166ms Stylesheet
text/html 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/style.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/html
cache-control: public, max-age=1200
strict-transport-security: max-age=86400; includeSubDomains
cf-ray: 6e905482692691ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 09 Mar 2022 02:40:12 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
76 B 256ms
247ms Script
application/x-javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=105974f5e77e3506fed1e8515c10&acc=13574&url=https%3A//blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tit=Isen%E7%E3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&h1=Isen%E7%E3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e9054828b719be8-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ 0
336 B 28ms
27ms Script
text/plain 52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=105974f5e77e3506fed1e8515c10
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1646792412
x-served-by: beacon-n007-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H2 200 oglobo
horizon-track.globo.com/event/ 0
176 B 454ms
112ms Ping
text/plain 35.211.79.33
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-track.globo.com/event/oglobo

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryLA6nEBHY9pxPSbC4

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
x-served-from: hzt-tsuru
content-length: 0
strict-transport-security: max-age=60
content-type: text/plain; charset=UTF-8

GET
H2 200 stream.48fcab9847bb8f1bdf1cbf7c6c22b202.css
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/css/ Frame EBCB 229 KB
46 KB 1076ms
1075ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/css/stream.48fcab9847bb8f1bdf1cbf7c6c22b202.css
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646792100000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 863abab1fd939484df7f84b8575be30ff20803e87181e7bbe58af326f26c88ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-openstack-request-id: tx2c00c49bad3c4daa9f9ac-0062167530
last-modified: Thu, 28 Jan 2021 18:09:30 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857369.24525
cache-control: public, max-age=5184000
content-type: text/css
x-trans-id: tx2c00c49bad3c4daa9f9ac-0062167530
x-request-id: 2ba4817d-e885-4d15-ad91-1779a9a5f245

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/ Frame EBCB 20 KB
4 KB 2157ms
2156ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646792100000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a2af5a592426fd686a4cc64be457646d6e304ecc47abbfc0e275817a222cd72e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-openstack-request-id: tx327ce3c5b36d4c799afed-0062280e64
last-modified: Tue, 23 Feb 2021 13:42:43 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1614087762.28886
cache-control: public, max-age=180
x-trans-id: tx327ce3c5b36d4c799afed-0062280e64
x-request-id: cc7f36c4-5a41-4873-9b0f-28313908133c

GET
H2 200 vendors~account~admin~auth~install~stream.fed0baa2de5aacf2dc8768b3dc3f5563.chunk.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/ Frame EBCB 961 KB
328 KB 1275ms
1274ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/vendors~account~admin~auth~install~stream.fed0baa2de5aacf2dc8768b3dc3f5563.chunk.js
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646792100000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 6a2bd3dbb70547af90e996b9e9d76cea0df3f1d41149d0428d7ddae5e1c3a6f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-openstack-request-id: txde795fd8fe96480885a54-0062167530
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857408.49511
cache-control: public, max-age=5184000
content-type: application/javascript
x-trans-id: txde795fd8fe96480885a54-0062167530
x-request-id: fa695005-f009-445a-ba30-b3b293289f39

GET
H2 200 vendors~admin~install~stream.8ea2a970d6ce93d9bef1b637c8faae6e.chunk.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/ Frame EBCB 46 KB
16 KB 2156ms
2155ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/vendors~admin~install~stream.8ea2a970d6ce93d9bef1b637c8faae6e.chunk.js
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646792100000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 33880cb6848e07fbd0897cfb1868fda7ae729af8da8f3d35e11f578f3e37a599

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-openstack-request-id: txe6483133df76440aa94c5-0062167530
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857408.60081
cache-control: public, max-age=5184000
content-type: application/javascript
x-trans-id: txe6483133df76440aa94c5-0062167530
x-request-id: 5cc879aa-da81-4557-a8c9-bb67ecbd6fc3

GET
H2 200 stream.ec444b2b9e0c4eb0951e37cf1147f9dd.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/ Frame EBCB 1 MB
397 KB 2156ms
2155ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/stream.ec444b2b9e0c4eb0951e37cf1147f9dd.js
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646792100000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 0e26ade64b35613f7f287948f47be3d9381a2b50959a8d9fb88ceeab6437b8a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-openstack-request-id: tx3ffc06d75e4a4d48b7449-0062167530
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857408.26862
cache-control: public, max-age=5184000
content-type: application/javascript
x-trans-id: tx3ffc06d75e4a4d48b7449-0062167530
x-request-id: 5b958484-1fda-4c78-8b1f-4bf8ca8183ee

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/editoraglobonetwork/ 672 KB
46 KB 23ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 249c8ab2d1004786e46c0d2245aee3fb6b334ad8b57b1c1c197f7380b395ca12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ME05YfV7Xk3nk5JDqlL6_a_jd7tUPJMD
content-encoding: gzip
etag: "9ad7374eae85eff3cd67b30ac92926c5"
age: 97
x-cache: HIT
content-length: 46716
x-amz-id-2: xnIZ/e74sa8VJOBimVE4HSKxOaQ3zHcYLBSp4nFoSawJFkjO0di5LLAbN8PSZIT/jZS0YJN4JrU=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 08 Mar 2022 11:17:55 GMT
server: AmazonS3
x-timer: S1646792413.658262,VS0,VE1
date: Wed, 09 Mar 2022 02:20:12 GMT
vary: Accept-Encoding
x-amz-request-id: 2DBRJXV7WFFCA6KK
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 1

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
319 B 37ms
36ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=19693120296

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 18 KB
9 KB 133ms
133ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

c4f1381ed8f65bcfafdc7d52b8ef637297a56bd82223515582550186044baa18

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 02:20:12 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fc679ae5-b4f6-4a15-a664-c677cb69550d
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 436 B
899 B 76ms
76ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280410&zone_id=1398994&size_id=15&eid_pubcid.org=bc3900f2-7ff0-4e9f-9e07-921a132a0564%5E1&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=info.web.oglobo&tg_i.page_name=post&tg_i.platform=desktop&tg_i.aupname=%2F85042905.*%26pub-retangulo.*&tg_i.dfp_ad_unit_code=85042905%2Finfo.web.oglobo&tg_i.pbadslot=85042905%2Finfo.web.oglobo&tk_flint=dmpbjs_v5.20.0&x_source.tid=2471a729-d2d9-48bc-8a96-54ab19a949c1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8179201075580569
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 22f0a7254a2e381ccfc0c28eb46a6aca3c861abf3dc45e5e8d08c828ac576299

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:12 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 436
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
564 B 72ms
71ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 94ms
48ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 95ms
48ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 239ms
238ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3326231955320497&correlator=4073818535148947&eid=31064835%2C31065488&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&iu_parts=85042905%2Cinfo.web.oglobo&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x360%7C640x480&sfv=1-0-38&ecs=20220309&fsapi=false&prev_scp=Info.MatID%3D291505%26Info.Entidades%3Dwaldir-ferraz%252Cjair-bolsonaro%252Cisencao-de-imposto%252Casa-delta%252Cjet-ski%26Editora.random%3D4%26Editora.pos%3DInread&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie=ID%3D75129b6dbf2f251e%3AT%3D1646792412%3AS%3DALNI_MbvOT9ZinOsX61tLh7UZU0DsmvP2A&abxe=1&dt=1646792412656&lmt=1646792412&dlt=1646792406424&idt=5621&biw=1600&bih=1200&oid=2&adxs=455&adys=1413&ucis=4&adks=112552219&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=620x3587&msz=620x360&fws=4&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1281472035.1646792411&ga_sid=1646792412&ga_hid=220978868&ga_fc=true&btvi=3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72e053647995097d8e5deb4c87bcf8d38a50ae575e142909dae9965811879398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8741
x-xss-protection: 0
google-lineitem-id: 5772731708
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360429281
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.20220308-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 620 KB
128 KB 6ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 264bcc8863beaf40bf3925f2787d6ac9ca7aee6a7fd4499b210411c6a600750b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: kP1wtQZbp_5n0.4jM3VAvO62mKA3AVe2
content-encoding: br
etag: "7b01dd63e9ac6d00cb7e3596fbd2a4d4"
age: 28252
x-cache: HIT
content-length: 131175
x-amz-id-2: ABVEkOdalCKNSGXgTuAj6dceOyUzLKfLdF4KzVrDE3KlPSBmt9Wsl5GhwVEJK2vCJ6+Rl1zo2Ow=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 08 Mar 2022 10:23:44 GMT
server: AmazonS3-br
x-timer: S1646792413.708213,VS0,VE0
date: Wed, 09 Mar 2022 02:20:12 GMT
vary: Accept-Encoding
x-amz-request-id: 66QEGC2GJNZGEKD4
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 84
x-cache-hits: 21731

GET
H2 200 load.js Show response
widget.perfectmarket.com/editoraglobonetwork/ 5 KB
2 KB 24ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af38286fa634519ab80524b90b1e992febefc15923c89b1663bcd46dfee2c383

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: gUgj3C7AZJFMWF2Nwsx5cjlAkNxfoKpr
content-encoding: gzip
etag: "061b43bac53a5e78578ef76be22c651a"
age: 52
x-cache: HIT, HIT
content-length: 1576
x-amz-id-2: J7jysAF5dqakr5BCaIOmw+UclAJPBlcQ/GwPxqNliuleEDvlsI3UAOkd0Zgm3iQJLcofMnvD9+k=
x-served-by: cache-lax10648-LGB, cache-hhn4036-HHN
last-modified: Tue, 28 Dec 2021 18:47:08 GMT
server: AmazonS3
x-timer: S1646792413.725598,VS0,VE1
date: Wed, 09 Mar 2022 02:20:12 GMT
vary: Accept-Encoding,,
x-amz-request-id: 8ZDV5ZEEQAZJRFBP
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 15ms
15ms Script
application/javascript 65.9.78.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-116.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 04:00:43 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 80415
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: GQz_wj1_fltziyX63tthxHcaxYqS4jwMoc42Gki7mqTxypQET-5HeQ==

GET
H2 204 b
sb.scorecardresearch.com/ 0
332 B 30ms
30ms Image
text/plain 65.9.78.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1646792412727&ns_c=UTF-8&cv=3.5&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9=
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-116.ams1.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: EokdCO0vfcYDENTb9vnXsPGgvsUH5dZuXLRR7gYH2zzj1eNF6o6Hlg==
x-cache: Miss from cloudfront

GET
H2 200 pmk-202010011.6.js Show response
widget.perfectmarket.com/editoraglobonetwork/ 99 KB
27 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/editoraglobonetwork/pmk-202010011.6.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b383f17092354aea8e8598be6d4d8acb0de6a35b1f69620e85da57045197522

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Dj133TGBylNn2devt9Fgqn4nkuTE2sRn
content-encoding: gzip
etag: "a3a81c61409dd6a1e8ba2cb105c53a4a"
age: 6075175
x-cache: HIT, HIT
content-length: 27703
x-amz-id-2: /hXUUPkGjax214+W9IPhoIb91DcgIyAcPR21KEDT3QLsugmoD2/zq7JEYbnPwWtxpBVJqxkj3Oo=
x-served-by: cache-sna10749-LGB, cache-hhn4036-HHN
last-modified: Tue, 28 Dec 2021 18:47:08 GMT
server: AmazonS3
x-timer: S1646792413.733988,VS0,VE1
date: Wed, 09 Mar 2022 02:20:12 GMT
vary: Accept-Encoding,,
x-amz-request-id: 3Q1J8VC8V668WEJV
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 card-interference-detector.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5c64635b8d1e030b028e16cdf9b952023561d795c481cbbdba8d1f045536f54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: r.PPJF0qU3b2ANopBPtuzGn2Uv_tj238
content-encoding: gzip
etag: "a9b2b9bf25d334745ec477c0083123ec"
age: 65
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2180
x-amz-id-2: iOh/AR7cUapE3/kUyAxgzDaOpk5dt/JO88bi2RbfYwvhiHap0eMkpxWZy9Pi8iTxrZh/CMZ7oss=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 08 Mar 2022 10:34:26 GMT
server: AmazonS3
x-timer: S1646792413.755283,VS0,VE0
date: Wed, 09 Mar 2022 02:20:12 GMT
vary: Accept-Encoding
x-amz-request-id: BKEEEP3Q0G3KJX3Z
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 84
x-cache-hits: 7

GET
H2 200 json Show response
trc.taboola.com/editoraglobo-oglobo/trc/3/ 23 KB
7 KB 415ms
413ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-oglobo/trc/3/json?tim=02%3A20%3A12.761&lti=deflated&data=%7B%22id%22%3A189%2C%22ii%22%3A%22%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1646738240796%2C%22vi%22%3A1646792412759%2C%22cv%22%3A%2220220308-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5717%2C%22qs%22%3A%22%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde%22%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-h%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Page%22%2C%22orig_uip%22%3A%22Below%20Page%22%2C%22cd%22%3A4945.90625%2C%22mw%22%3A1536%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A4601.90625%2C%22mw%22%3A700%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%2C%2CBelow%20Page%3Dthumbnails-h%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4d209ba9c281d61e9eb0e825264b55f866ac415677f455516d28745f229166a5

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 407
date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
server: nginx
x-timer: S1646792413.766643,VS0,VE407
x-served-by: cache-hhn4062-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
90 B 48ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A12.755&type=info&msg=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&llvl=2&id=3977&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13872

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 49ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A12.755&type=info&msg=%7B%22mode%22%3A%22rec-reel-3n4-a%22%2C%22container%22%3A%22taboola-recommendation-reel%22%2C%22placement%22%3A%22Recommendation%20Reel%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=1871&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13872

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 49ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A12.756&type=error&msg=Didn%27t%20manage%20to%20find%20TRC%20container%20for%20R-Box%20with%20ID%20taboola-recommendation-reel%20(retry%3D1)%20(Document%20is%20Ready)!&llvl=2&id=3525&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13872

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 49ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A12.756&type=error&msg=Invalid%20container%20provided%20for%20request%20Recommendation%20Reel%20(null)!&llvl=2&id=6812&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13872

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A12.756&type=info&msg=%7B%22mode%22%3A%22thumbnails-h%22%2C%22container%22%3A%22taboola-below-page%22%2C%22placement%22%3A%22Below%20Page%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=7816&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13872

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A12.756&type=info&msg=%7B%22mode%22%3A%22thumbnails-a%22%2C%22container%22%3A%22taboola-below-article-thumbnails%22%2C%22placement%22%3A%22Below%20Article%20Thumbnails%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=3212&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13872

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A12.760&type=info&msg=Below%20Page%20thumbnails-h&llvl=2&id=3052&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13872

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A12.761&type=info&msg=Below%20Article%20Thumbnails%20thumbnails-a&llvl=2&id=9425&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13798

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B00 0
0 77ms
76ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyMiuywZL-iysDOrgI9zWQ9at6pv94Ff0me1F4tYUP5arDn9wkU513FMhHmB8dYHrZmx5PA0ApKapg7sxGpwfEZ7zA8-G4xq70d2Eg88UDfqAsGmZn7Zi9XCwNTOaIgsKbQ2GxQCQsRHPALBGPhA8yI6Tw3bHb9Vu-tDqCpBQfdt2Kgu4FwC15atn82WUuz0yLVajoLKwMh346ymWNTZwhSwQKXgE52pgz6tQ-tAXCzZTidjgsDt6WfXIvy9Lnb9nRMwPvzP7aZYpLKTeEeiCtlfK8qHrA9lAKNM-YBu6Q_qjyQc8176lpmZNDZ11mbhn3i7mDIg&sig=Cg0ArKJSzCay97lcw0yeEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1B00 81 KB
27 KB 58ms
57ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3e03356c9dcc487b194fa5d0ae3b43d578c114aeb8225ef28d8d44d4432aac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27774
x-xss-protection: 0
server: sffe
etag: "1154 / 876 of 1000 / last-modified: 1646780693"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Mar 2022 02:20:12 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157163/4984/ Frame 1B00 382 KB
114 KB 32ms
8ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4c8d444e35efe34f5086ccc017f24bbb2806bc086220a70f4861aa79a36568e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 01:14:29 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a1472-5f935-5d2c071e17d7e"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=168359
accept-ranges: bytes
content-type: text/javascript
content-length: 115846
expires: Fri, 11 Mar 2022 01:06:11 GMT

GET
H/1.1 200
OK owHCMR.js Show response
s3.amazonaws.com/script-tags/ Frame 1B00 12 KB
13 KB 408ms
112ms Script
application/javascript 52.217.11.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.11.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3045f287ed31e2a3bff8a8b6fa4e1575743cae0d2febd6270eaf7011d6c917db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:14 GMT
Last-Modified: Tue, 22 Feb 2022 21:49:42 GMT
Server: AmazonS3
x-amz-request-id: DV3FA7Q0JN5G8CJF
ETag: "b7fc2ea65d2d03573f36101d7316ada7"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 12596
x-amz-id-2: WYalHgrS+fzZeKqVxZAaAFGhU0P9mGNQhb8rwUyUDRRPsOPSXbCDbNEjII4W53bBpy334gRa7hQ=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B00 124 KB
39 KB 143ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 02:20:12 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 347ms
346ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3326231955320497&correlator=1277354774951035&eid=31064835%2C31065488&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&iu_parts=85042905%2Cinfo.web.oglobo&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&sfv=1-0-38&ecs=20220309&fsapi=false&prev_scp=Info.MatID%3D291505%26Info.Entidades%3Dwaldir-ferraz%252Cjair-bolsonaro%252Cisencao-de-imposto%252Casa-delta%252Cjet-ski%26Editora.random%3D6%26Editora.pos%3DTop%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.02%26hb_adid_appnexus%3D192262a5244697b%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D192262a5244697b%26hb_bidder%3Dappnexus&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie=ID%3D70c9cbb2f7dfa0d3%3AT%3D1646792412%3AS%3DALNI_MaQ2U-IZFI9OIXOjtzftPnBOmp5Ug&abxe=1&dt=1646792412817&lmt=1646792412&dlt=1646792406424&idt=5621&biw=1600&bih=1200&oid=2&adxs=1126&adys=432&ucis=5&adks=2282096486&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x289&msz=300x250&fws=4&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_acHCBAlA5QeOwsrH4jQf2i6fEp8pRQjCoPQP6SS-PktTjRxaiL18Yi7ZcDtOxeVE_uiFN_ReC8GmSkaQ&ga_vid=1281472035.1646792411&ga_sid=1646792412&ga_hid=220978868&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be282102590f4e657e530e4886414a842fcaba0a1260ad0de40216bf2f6b2a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9700
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v16/ Frame 1356 32 KB
33 KB 128ms
39ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:38:15 GMT
x-content-type-options: nosniff
age: 542517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32900
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:09:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:38:15 GMT

GET
H3 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 1356 60 KB
12 KB 21ms
21ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=14.98.1

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA?compressed=true&v=14.98.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad17f3e4887e34b70f3ce18b89ab672b2f4d5db65237e58d704055fdc80d54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 61331
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-135-86
last-modified: Mon, 28 Feb 2022 17:52:22 GMT
server: cloudflare
etag: W/"61519-1646070742000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 6e9054844b3591ea-FRA
expires: Thu, 10 Mar 2022 02:20:12 GMT

GET
H3 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame 1356 39 KB
8 KB 120ms
120ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=GTCopIDc5z&version=1483354452000&language=en_US

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b078017f3a5881d5c8af75f15f00b363c0c7d3e6677981eb293e296e869a85b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Co5hg8r2o11
pragma
wn: prod-dash-10-0-92-18
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.002
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 6e9054844b3691ea-FRA
expires: Wed, 9 Mar 2022 21:20:12 EST

GET
H3 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 1356 2 KB
3 KB 16ms
16ms Image
image/png 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
cf-cache-status: HIT
age: 3643
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2177
wn: prod-dash-10-0-126-147
last-modified: Fri, 04 Mar 2022 11:52:10 GMT
server: cloudflare
etag: W/"2177-1646394730000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
server-time: 0.000
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6e9054847b5b91ea-FRA
expires: Wed, 09 Mar 2022 04:20:12 GMT

GET
H/1.1 200
OK conteudo.json Show response
oglobo.globo.com/api/v1/ultimas-noticias/politica/ 19 KB
7 KB 291ms
290ms Fetch
application/json 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/api/v1/ultimas-noticias/politica/conteudo.json?tiposDeConteudo=materia,materiaEmCapitulos,fotogaleria,videoGloboCom,listaFatos

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/carousel-oglobo.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

154662c77726731f39a4d0f7ab2ccd2f00a1af311117d49a28856ad204b94dda

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:12 GMT
Content-Encoding: gzip
Age: 0
grace: none
X-Cache: MISS
Strict-Transport-Security: max-age=15768000
Content-Length: 6026
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
cache-control: max-age=177
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Wed, 09 Mar 2022 02:23:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8A92 0
0 76ms
75ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFdTZaf2F84cyAqmxzk882oLzTy_yKSgFiVIOyWBDvQQrRCEzyPyu8tbzAEagAoMKx42WZtkciy4xfvzSqvfTx_y8OSPtHpOCFHAg7BjRMeyxbZb9A4nz6ntLcP5-bQxgPGhOTbchT_43CqAK3F2s6SC5N3t1O1AQR2GYcbF1KdvBLJTGsUpQmeDLLVbLY26osCESu5xyz30C6QPelynXF_Rx3q2jtRd6EMkWxqWJyrKgrHh-SvvYzRgVPPfdpHd6cPhTp4ItvLvgoAQSh33tPLUo9J4y2KZW03kxuGz8a4VBLbcv1YK16veiLxGO8VXWRfwlU6A&sig=Cg0ArKJSzKl5ExLiWplMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8A92 81 KB
27 KB 50ms
49ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cafc562f6f93bc01d27c75d5002144d93e9c525e6e80ce38b986619a28e021c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27769
x-xss-protection: 0
server: sffe
etag: "1154 / 31 of 1000 / last-modified: 1646780693"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Mar 2022 02:20:12 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157163/4984/ Frame 8A92 382 KB
114 KB 9ms
7ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4c8d444e35efe34f5086ccc017f24bbb2806bc086220a70f4861aa79a36568e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 01:14:29 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a1472-5f935-5d2c071e17d7e"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=168359
accept-ranges: bytes
content-type: text/javascript
content-length: 115846
expires: Fri, 11 Mar 2022 01:06:11 GMT

GET
H/1.1 200
OK owHCMR.js Show response
s3.amazonaws.com/script-tags/ Frame 8A92 12 KB
13 KB 408ms
120ms Script
application/javascript 52.217.11.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.11.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3045f287ed31e2a3bff8a8b6fa4e1575743cae0d2febd6270eaf7011d6c917db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:14 GMT
Last-Modified: Tue, 22 Feb 2022 21:49:42 GMT
Server: AmazonS3
x-amz-request-id: DV34YFZXYJGKWF4Y
ETag: "b7fc2ea65d2d03573f36101d7316ada7"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 12596
x-amz-id-2: Xdn3C+JSgh48sbDM5JX3Em3L6yXxxya/sJO8zQlXA0un3Kkx9TKZJ0tZr32FkBVLk4NC/KY7s9c=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A92 124 KB
38 KB 100ms
98ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 02:20:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CE57 0
0 78ms
78ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyTSI-kgyFKdTA7Fm9f9VZ6LaSTWQCHvN6Llm3BouLg3NMVOt2f9ndkLYCrMIaisqsEgX66LyIL4zvL7ulLaROQdpOa9IhJTyas826BOkUl9ZYBysVHEQLQACEjG37GlYwbx582H-5nAQiqV92v2LwEnJo3mKeJ76tMbkrarzN_UIhq5JUqCkutQP6M_kqNx-AGpl13qzOK7dpUURQDoHn0A34LVTr4xY2piAZAAvR6TrHuwG_VKc3D1GYf3h4bjW31XDz6WO1eBNA-GCx4TKKnXAjxKrEul726vFXWjT5eDELy40T_aehdci_PiLAFmKrtKo7yA&sig=Cg0ArKJSzCa9uzFqmo-7EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 st-passback.js Show response
creatives.seedtag.com/dfp/ Frame CE57 2 KB
1 KB 65ms
25ms Script
text/javascript 104.18.134.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.seedtag.com/dfp/st-passback.js?inArticle
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.134.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5375c0f0f60e4211b5e23f78f942c0bc6f6334c736d203c177b57de3c008948

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
via: 1.1 google
cf-cache-status: HIT
age: 214
x-goog-custom-time: 1970-01-01T00:00:00Z
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-meta-
last-modified: Fri, 28 May 2021 15:36:33 GMT
server: cloudflare
etag: W/"f4b8120559f56491bc343250eadc4f1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 6e90548509e69bce-FRA
expires: Wed, 09 Mar 2022 02:16:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE57 124 KB
38 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 02:20:12 GMT

GET
H3 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1B00 364 KB
122 KB 39ms
38ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 21:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 21:34:42 GMT

GET
H3 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8A92 364 KB
122 KB 39ms
38ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 21:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 21:34:42 GMT

GET
H2 200 botao-desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/ 2 KB
3 KB 1747ms
1746ms Image
image/gif 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/botao-desk.gif
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 87ef5ff1e76b7444b170bc854ef7e22adabef01f30050760e757a23df4f995bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
x-openstack-request-id: tx8eec34020aca42cf8dddc-0062280e66
last-modified: Tue, 08 Mar 2022 14:38:25 GMT
x-trans-id: tx8eec34020aca42cf8dddc-0062280e66
x-thanos: 0AB14002
etag: 5add9e21533db7c34316bcb12976d455
vary: Accept-Encoding, Origin
content-type: image/gif
x-timestamp: 1646750304.33960
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 2429
x-request-id: 3ff20ff4-59b2-49f7-ada9-ba01c1743300

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=220978868&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&dp=%2Fpolitica%2Fblogs%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&ul=en-us&de=UTF-8&dt=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Botao&el=botao%20-%20deslogado_gabigol%20-%20oferta%20-%20og_botao_topo_semcookie_cnsmdr&_u=aGDAgEABAAQCAE~&jid=&gjid=&cid=1281472035.1646792411&tid=UA-51216819-1&_gid=459233599.1646792411&gtm=2wg37055NG4R&cd1=%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd52=1281472035.1646792411&cd82=responsivo&z=696505309

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 06:24:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71757
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CE57 0
0 76ms
76ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1T1K8I8hAMqFCBfiWLt8Tc5NxaEGs0WBD7epiIZ06ddXA4UdqhsPkexa0TeQdnsW-uaopj9E5r3BtbBxt-JNXt4hZ5bbRz9aswlXXUixgATVqYBYjzEWH5sxjx-hHXtg_GpHJUGMKUA5cJFEFm-_JI83uroGGWqnOEyfnT0B6NrElz5wU8Nop8VuTAtrTEohSjuV8R5A--iIDR5fYjxLJApDPyjvikypn6lPGEyGFf8q0Pb-4oC4DEz9HUnf4CAQv93sh8xiG1crsey1kKwmqhTeRuPyXlnGfHcmXJlP6OBrDcb8jR6NBqFpiQGUrkaWjGRpFdrS5&sig=Cg0ArKJSzIX4AVGgWyMdEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 09 Mar 2022 02:20:13 GMT

GET
H3 200 container.html Show response
cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 30D4 6 KB
3 KB 87ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Mar 2022 02:20:12 GMT
expires: Thu, 09 Mar 2023 02:20:12 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 45ms
8ms Preflight 3.66.105.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.105.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-105-131.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 9ms
8ms XHR
application/json 3.66.105.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.105.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-105-131.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 09 Mar 2022 02:20:13 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

GET
H2 200 cd
cd.navdmp.com/ 6 B
81 B 494ms
486ms Image
application/x-javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cd.navdmp.com/cd?prtid=13574&prtusridr=0a4802dee080ec54429fd1e1624722834b4dac4c
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e9054867f409be8-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2 200 tb Show response
15.taboola.com/ 38 KB
12 KB 25ms
24ms XHR
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=editoraglobo-oglobo&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&encoded=1&uid=e1c727ba-4172-498f-9d28-594ce68be2b4-tuct921945c&variant=966256|1786072086&callback=TRC.videoTagCallbacks.videoCallback1&cb=1646792413191&tagid=&cntry=DE&platform=1&sesid=a8377ad2c9051daa0af1b4bf75f58848&itemid=/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&viewid=1646792412759&geolat=&geoing=&deviceifa=&appid=&sd=v2_a8377ad2c9051daa0af1b4bf75f58848_e1c727ba-4172-498f-9d28-594ce68be2b4-tuct921945c_1646792412_1646792412_CNawjgYQlv9JGNec6OP2LyABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjb_5X0ga2ul6YBcAA&ri=3137eeb81c294ce3b22718044ad5b590&appname=&cdb=&gdprApplies=true&rid=&sii=-7425918557199498964&oee=true&tpubid=1212310&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BY&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1207970&prcnt=&layer=&normp=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f277353d15503427efd68bdc6853eb37b83e30697a97cc1343e3ee5749b7e5d

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
access-control-allow-origin: https://blogs.oglobo.globo.com
machineid: 1442
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4062-HHN
pragma: no-cache
server: nginx
x-timer: S1646792413.196014,VS0,VE18
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 6ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc6e79bf1b6e44369cb8bf4ef51ccff33fa0cbccc91a7c926af2c9d60a61764a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: JD743vX5kFv8npsEP6QiXfP2J.E5lTtG
content-encoding: gzip
etag: "002d83ece6cd93589f02fcb25223241f"
age: 46
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1262
x-amz-id-2: 6tPkYm8HLEKBp5rwyCNegemVEGBcSP9x+vfuKF+/JZpz3KqNLoZxwOkJs0dHCwl2K/MYClmJVHBZ0VkoqUb3Jw==
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 08 Mar 2022 10:34:15 GMT
server: AmazonS3
x-timer: S1646792413.200577,VS0,VE0
date: Wed, 09 Mar 2022 02:20:13 GMT
vary: Accept-Encoding
x-amz-request-id: 9ZXQ8MNE8XZVA0W2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 84
x-cache-hits: 12

GET
H2 200 distance-from-article.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 6ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35db4870ace7a2a22e381fd7928dac27b0ff0aa58f6aa3511e86e4124c7414ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ifZ0puQf_6XfnsmpNjNUpGn_TiO4MT.q
content-encoding: gzip
etag: "d16fa9e2ab2b5c2209a0b7c92f32b6c3"
age: 69
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1006
x-amz-id-2: OWwTw2WFBEFcsnIw/DFUXr6m2MwcuUwwbVr+wfZAIlO7zcOuc2hpD4SE1MueKQBiQuF9876MO5Q=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 08 Mar 2022 10:34:22 GMT
server: AmazonS3
x-timer: S1646792413.205003,VS0,VE0
date: Wed, 09 Mar 2022 02:20:13 GMT
vary: Accept-Encoding
x-amz-request-id: KZTCRKYEATT4NHQF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 84
x-cache-hits: 4

GET
H2 200 article-detection.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02cff87bf655f94854cce6621cccc3b0abfd0cf8f370174166cd3236e053ea83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: JH9dxUnBOJHPLszTft.LQRof6Y5otsi9
content-encoding: gzip
etag: "213959dc6ce4b946b28c82c3c37722d3"
age: 58
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1236
x-amz-id-2: wDzFY4k4VzK6c4cZ9lzY5yFn/u15Q21QKtrU4eGN+VxTIUl3Mhwm+j1gVgj2i5/2q5da6P2UX58=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 08 Mar 2022 10:34:31 GMT
server: AmazonS3
x-timer: S1646792413.205061,VS0,VE0
date: Wed, 09 Mar 2022 02:20:13 GMT
vary: Accept-Encoding
x-amz-request-id: 6DPGHSQ4YG79DS08
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 84
x-cache-hits: 4

GET
H2 200 8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 451 B
495 B 6ms
6ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding: gzip
etag: "1802e318f880ad7e5c7030e9da649cf6"
age: 9177
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 222
x-amz-id-2: hqmZShdkcFAlleVmrQTHL0lWM/rrhS/SE+W/uFCvCiwbKRLyTvid0jYcNFqWos5WWw06X0Kut4s=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 07 Jul 2020 17:40:49 GMT
server: AmazonS3
x-timer: S1646792413.207407,VS0,VE0
date: Wed, 09 Mar 2022 02:20:13 GMT
vary: Accept-Encoding
x-amz-request-id: SM6CAHYDHVK1WBW2
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: text/css
abp: 84
x-cache-hits: 2

GET
H2 200 userx.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: feaa25ab48a4c76f2551eba621ccbee0f8853d342217424128e6d466f3dcbeaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: f1MNXaMkM0ZD5DLdqOEdsF0cDzKQYPWi
content-encoding: gzip
etag: "f474812bd16a86f1fd024898ea4ab942"
age: 7
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5397
x-amz-id-2: X7nKAYnEm5niY9AK5n1QTtaPQdjwIvz+geZbyKxeEl8Cgum9AMwtlja9ysZ+3sNPMJg/kIz1W6Q=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 08 Mar 2022 10:26:02 GMT
server: AmazonS3
x-timer: S1646792413.212373,VS0,VE0
date: Wed, 09 Mar 2022 02:20:13 GMT
vary: Accept-Encoding
x-amz-request-id: DM35GFSZF0820PKE
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 84
x-cache-hits: 2

GET
H2 200 tb Show response
15.taboola.com/ 38 KB
12 KB 24ms
24ms XHR
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=editoraglobo-oglobo&unitType=244&tbloc=&pageType=text&pstn=Below%20Page&uuip=Feed%20-%20Below%20Page&cisrf=&cirf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&encoded=1&uid=e1c727ba-4172-498f-9d28-594ce68be2b4-tuct921945c&variant=966256|1786072086&callback=TRC.videoTagCallbacks.videoCallback2&cb=1646792413209&tagid=&cntry=DE&platform=1&sesid=a8377ad2c9051daa0af1b4bf75f58848&itemid=/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&viewid=1646792412759&geolat=&geoing=&deviceifa=&appid=&sd=v2_a8377ad2c9051daa0af1b4bf75f58848_e1c727ba-4172-498f-9d28-594ce68be2b4-tuct921945c_1646792412_1646792412_CNawjgYQlv9JGNec6OP2LyABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjb_5X0ga2ul6YBcAA&ri=c63b2efcfe409380bb46cab8753d3913&appname=&cdb=&gdprApplies=true&rid=&sii=-7425918557199498964&oee=true&tpubid=1212310&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BY&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1207970&prcnt=&layer=&normp=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7fecfb023f2581df87bd2b303f33aa74368600f982ee7513e97e0528c706433

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
access-control-allow-origin: https://blogs.oglobo.globo.com
machineid: 1449
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4062-HHN
pragma: no-cache
server: nginx
x-timer: S1646792413.212748,VS0,VE18
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 8ms
6ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 112
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: dIuPgF32MPZeTv1riDSyCnX4J6DD4HcAbNOGigu/2qjDG9J3qY6+6oya3VXcwS7qL2S4vfAf0bc=
x-served-by: cache-hhn4062-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1646792413.220097,VS0,VE0
date: Wed, 09 Mar 2022 02:20:13 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: ZQ8ND9MMDRQ3FH1S
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 84
x-cache-hits: 13

GET
H2 200 cta-component.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
5 KB 6ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 627a8cbf37fb72fd326b73ae343b31c138df6bc3ba553ad176b7b0e987cba88c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Xhz_YIGTGGZgh9cSu6dDuFfl7ly3pFm6
content-encoding: gzip
etag: "7681499e0e0b4e2348f9e0307256f40b"
age: 69
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4969
x-amz-id-2: CwtWC8S5BziXxHc62r4QIuxviOJ19aL0S+LptPtFTyQ5mqyJdat+B8q8GG3GMfWpRjIsIiPFm08=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 08 Mar 2022 10:34:24 GMT
server: AmazonS3
x-timer: S1646792413.225108,VS0,VE0
date: Wed, 09 Mar 2022 02:20:13 GMT
vary: Accept-Encoding
x-amz-request-id: 0NGKWEM2DQD7G01Q
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 84
x-cache-hits: 10

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 19ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.198&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Thumbnails%22%2C%22nb%22%3A%221%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22editoraglobo-oglobo-feed-action-bucket-1637826851856%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=41&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13786

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 18ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.201&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=9713&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13786

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 18ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.202&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=7800&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13786

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 18ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.203&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Thumbnails%22%2C%22nb%22%3A%221%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22editoraglobo-oglobo-feed-action-bucket-1637826851856%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=9747&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13786

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.205&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=5418&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13786

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.208&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=5662&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13786

GET
H2 204 pubs-generic
trc.taboola.com/editoraglobo-oglobo/log/3/ 0
192 B 17ms
16ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editoraglobo-oglobo/log/3/pubs-generic?route=AM:AM:V&lti=deflated&ri=3137eeb81c294ce3b22718044ad5b590&sd=v2_a8377ad2c9051daa0af1b4bf75f58848_e1c727ba-4172-498f-9d28-594ce68be2b4-tuct921945c_1646792412_1646792412_CNawjgYQlv9JGNec6OP2LyABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjb_5X0ga2ul6YBcAA&ui=e1c727ba-4172-498f-9d28-594ce68be2b4-tuct921945c&pi=/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&wi=-7425918557199498964&pt=text&vi=1646792412759&d=%7B%22data%22%3A%22%5C%22true%5C%22%22%2C%22type%22%3A%22DEDUP_DEBUG%22%2C%22eventTime%22%3A1646792413210%7D&tim=02%3A20%3A13.210&id=1333&llvl=2&cv=20220308-6-RELEASE&
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
via: 1.1 varnish
server: nginx
x-timer: S1646792413.230971,VS0,VE9
x-served-by: cache-hhn4062-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 15ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.210&type=warn&msg=Duplicated%20items%20monitoring%20enabled&llvl=2&id=6105&cv=20220308-6-RELEASE&lt=deflated&pcs=%5Bdata-feed-main-container-id%3D%22taboola-below-page%22%5D&vi=1646792412759
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13629

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.210&type=info&msg=%7B%22name%22%3A%22Below%20Page%22%2C%22nb%22%3A%22%22%2C%22eof%22%3A%22true%22%2C%22fti%22%3A%22editoraglobonetwork-feed-action-bucket-1631208352423%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=9182&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13629

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.211&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=4360&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13629

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.212&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=6335&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13629

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.212&type=info&msg=%7B%22name%22%3A%22Below%20Page%22%2C%22nb%22%3A%22%22%2C%22eof%22%3A%22true%22%2C%22fti%22%3A%22editoraglobonetwork-feed-action-bucket-1631208352423%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=5607&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13629

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.217&type=info&msg=Start%20Rendering%20Below%20Page%20%7C%20Card%201&llvl=2&id=8252&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13629

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.222&type=info&msg=Finish%20Rendering%20Below%20Page%20%7C%20Card%201&llvl=2&id=9254&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13667

GET
H2 204 social
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 0
230 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/social?route=AM:AM:V&lti=deflated&ri=3137eeb81c294ce3b22718044ad5b590&sd=v2_a8377ad2c9051daa0af1b4bf75f58848_e1c727ba-4172-498f-9d28-594ce68be2b4-tuct921945c_1646792412_1646792412_CNawjgYQlv9JGNec6OP2LyABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjb_5X0ga2ul6YBcAA&ui=e1c727ba-4172-498f-9d28-594ce68be2b4-tuct921945c&pi=/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&wi=-7425918557199498964&pt=text&vi=1646792412759&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%22Sem%20Autor%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs2.glbimg.com%2Fel2nXAIMf-MFP1dx9wU0IUt-_fM%3D%2F640x424%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2020%2F09%2F25%2Fa.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=02%3A20%3A13.241&id=2452&llvl=2&cv=20220308-6-RELEASE&
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 / Show response
usergate.globo.com/ 33 B
361 B 730ms
249ms XHR
text/plain 201.7.182.142
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://usergate.globo.com/

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.182.142 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

nginx /

Resource Hash

ae91430d6567c1a2be30a2d597a4235486050c0733c5856d0af336b2fff5f3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.252&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=9447&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13667

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A13.253&type=info&msg=Finish%20Rendering%20Below%20Page%20%7C%20Card%201&llvl=2&id=2838&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13667

GET
H/1.1 200
OK Doria-Cidadania.jpeg.jpg
ogimg.infoglobo.com.br/in/25424517-fba-07d/FT1086A/ 103 KB
103 KB 920ms
229ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25424517-fba-07d/FT1086A/Doria-Cidadania.jpeg.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

75880d09ff38cbb2c7b7bf594ee7aeffe232bafd491fbda0fd7952bbd3bcedd3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 23:49:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 9018
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 23:48:45 GMT
Server: Apache
ETag: "40169d3a-19ad4-5d9bd9f2677e8-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 669

GET
H/1.1 200
OK Ricardo_Lewandowski.jpg
ogimg.infoglobo.com.br/in/25333320-8db-989/FT1086A/ 43 KB
43 KB 932ms
232ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25333320-8db-989/FT1086A/Ricardo_Lewandowski.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

f3e652fa25a7130b7b6eb96aab8e3d53c6367004a05c9172b2df12177b0c7963

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 20:04:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 6156922
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Mon, 27 Dec 2021 20:03:18 GMT
Server: Apache
ETag: "203f2c72-acf8-5d4263220f059-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 10616

GET
H/1.1 200
OK 97966554_MARIZPABRASILIA-08-03-2022-ENCONTRO-DAS-LIDERANCAS-EVANGELICAS-JAIR-BOLSONARO-Jair-Bo-1.jpg
ogimg.infoglobo.com.br/in/25424309-4fd-ccf/FT1086A/ 62 KB
61 KB 935ms
234ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25424309-4fd-ccf/FT1086A/97966554_MARIZPABRASILIA-08-03-2022-ENCONTRO-DAS-LIDERANCAS-EVANGELICAS-JAIR-BOLSONARO-Jair-Bo-1.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

4e54797d8d66b6ee187527f51105f8d75255222a21c9d50f9df4852fed284306

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 22:13:36 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 14797
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 22:12:57 GMT
Server: Apache
ETag: "a0619bc0-f901-5d9bc48888fd8-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 12916

GET
H/1.1 200
OK arthur-do-val.jpg
ogimg.infoglobo.com.br/politica/25420652-31f-401/FT1086A/ 126 KB
126 KB 931ms
234ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/politica/25420652-31f-401/FT1086A/arthur-do-val.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

61f7487dc941910bd702c2798497b0fa8baecf9d051adfabc468a30b726cd8b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 21:06:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 18797
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 21:04:49 GMT
Server: Apache
ETag: "401bbf0e-1f63d-5d9bb54e11968-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 1295

GET
H/1.1 200
OK 96242931_CRISTIANO-MARIZ-PA-17-11-2021-RODRIGO-PACHECOSTF-Rodrigo-Pacheco-presidente-do-Senad.jpg.png
ogimg.infoglobo.com.br/politica/25363831-498-74b/FT1086A/ 26 KB
20 KB 932ms
232ms Image
image/png 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/politica/25363831-498-74b/FT1086A/96242931_CRISTIANO-MARIZ-PA-17-11-2021-RODRIGO-PACHECOSTF-Rodrigo-Pacheco-presidente-do-Senad.jpg.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

7e2ea1311a5c4eb16c53afafde1377f89694307cacf250d7c06afa3e00b17b7b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 20:12:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 22067
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 20233
Last-Modified: Tue, 08 Mar 2022 11:59:59 GMT
Server: Apache
ETag: "4007005e-68eb-5d9b3b8638225-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 1533

GET
H/1.1 200
OK 96370725_MARIZPA-BRASILIA-25-11-2021-RENATA-ABREUPODEMOS-Entrevista-com-a-deputada-Renata-Abre.jpg
ogimg.infoglobo.com.br/in/25424088-cdd-cb9/FT1086A/ 45 KB
42 KB 932ms
233ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25424088-cdd-cb9/FT1086A/96370725_MARIZPA-BRASILIA-25-11-2021-RENATA-ABREUPODEMOS-Entrevista-com-a-deputada-Renata-Abre.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

ced381d45a6b2894b8eb6e6752feff077fbf590fc3a6050878432704d37af565

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 20:04:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 22535
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 20:03:22 GMT
Server: Apache
ETag: "3112cd-b582-5d9ba791d2bc5-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 1499

GET
H/1.1 200
OK 97960174_Brazils-President-Jair-Bolsonaro-puts-on-a-pink-tie-after-taking-of-his-blue-tie-durin.jpg
ogimg.infoglobo.com.br/in/25423720-073-d29/FT1086A/ 38 KB
37 KB 234ms
233ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25423720-073-d29/FT1086A/97960174_Brazils-President-Jair-Bolsonaro-puts-on-a-pink-tie-after-taking-of-his-blue-tie-durin.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

01a99228c113fb951194f3d514266b6333dda25ea9c1f9f581596696b2ad5a64

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 15:48:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 37905
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 37521
Last-Modified: Tue, 08 Mar 2022 15:48:20 GMT
Server: Apache
ETag: "4037b47f-9904-5d9b6e909f1b5-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 1669

GET
H/1.1 200
OK 97912282_SAO-PAULOSP05032022DEPUTADO-ARTHUR-VAL-CHEGADA-AEROPORTOChegada-do-deputado-Arthur-1.jpg
ogimg.infoglobo.com.br/in/25422664-c57-643/FT1086A/ 51 KB
51 KB 232ms
232ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25422664-c57-643/FT1086A/97912282_SAO-PAULOSP05032022DEPUTADO-ARTHUR-VAL-CHEGADA-AEROPORTOChegada-do-deputado-Arthur-1.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

b248aa9a1bfaca05cb9531d470ef4b5860f5c8edde13bfd6d8a41a85dcd3f5cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 20:01:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 109135
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Mon, 07 Mar 2022 19:59:44 GMT
Server: Apache
ETag: "402f0cb8-cb41-5d9a64e4af6a9-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 9717

GET
H/1.1 200
OK WhatsApp-Image-2021-10-15-at-21.32.23.jpeg.jpg
ogimg.infoglobo.com.br/in/25238946-acd-e24/FT1086A/ 37 KB
35 KB 234ms
234ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25238946-acd-e24/FT1086A/WhatsApp-Image-2021-10-15-at-21.32.23.jpeg.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

7ebfb0f244ddbf6556603bc32756dc43f6a7ab93c4f745e14a571b27ce299c50

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 11:10:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 313802
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 35330
Last-Modified: Sat, 05 Mar 2022 11:10:02 GMT
Server: Apache
ETag: "7a29e-94b4-5d976ac3b6afe-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 33079

GET
H/1.1 200
OK xbolsonaro_e_filhos.jpg.pagespeed.ic.ngjbruse0f.jpg
ogimg.infoglobo.com.br/in/25423643-767-84a/FT1086A/ 71 KB
71 KB 233ms
233ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25423643-767-84a/FT1086A/xbolsonaro_e_filhos.jpg.pagespeed.ic.ngjbruse0f.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

b626a99d0244cd5956e5168a46a585f9b8041f755f6c167da6e41ccd2a5b6f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:18:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 130
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
X-Cache-Hits: 4
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 21:15:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=300,private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 08 Mar 2022 21:20:22 GMT

GET
H2 200 footer-desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/ 35 KB
36 KB 1478ms
1478ms Image
image/gif 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/footer-desk.gif
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2455fe3dab06ba539f999e2ff5fda1d31254de4422ccbe0af7103d8075f76195

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
x-openstack-request-id: tx04d17db61a7e4810984fa-0062280e66
last-modified: Tue, 08 Mar 2022 14:38:33 GMT
x-trans-id: tx04d17db61a7e4810984fa-0062280e66
x-thanos: 0AB14002
etag: a0724d065a8e1e0d806a9e9880b41c4e
vary: Accept-Encoding, Origin
content-type: image/gif
x-timestamp: 1646750312.66342
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 36198
x-request-id: f8beb61f-bb80-437b-b5a0-6d8e7c309197

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=220978868&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&dp=%2Fpolitica%2Fblogs%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&ul=en-us&de=UTF-8&dt=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Footer&el=footer%20-%20deslogado_gabigol%20-%20oferta%20-%20og_footer_semcookie_cnsmdr&_u=aGDAgEABAAQCAE~&jid=&gjid=&cid=1281472035.1646792411&tid=UA-51216819-1&_gid=459233599.1646792411&gtm=2wg37055NG4R&cd1=%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd52=1281472035.1646792411&cd82=responsivo&z=554636443

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 06:24:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71757
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.6.9/ 100 KB
29 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5370c8f238d0ae8b1400cff5df17563faca18ebfc2372d0948e20087984e2d19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront), 1.1 varnish
age: 566964
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 29420
x-served-by: cache-hhn4062-HHN
last-modified: Wed, 02 Mar 2022 12:50:08 GMT
server: AmazonS3
x-timer: S1646792413.280881,VS0,VE0
etag: "fc14dc1b8b9b350592c06408d9365f23"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: RdCKEbq5DBy3hPY6ihqU1cl35mclg9o0Z8UZl8QoxXuEC4Wpw3j22A==
x-cache-hits: 39625

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 1B00 134 KB
36 KB 66ms
18ms Script
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 57
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0V246RBR7JGS9NE9Z2ZN
date: Wed, 09 Mar 2022 02:19:22 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: TGPhZyCxKo-Ox6LmIAfEWv4ysfU9I4egZdzdIOHawwNMftzj9uh6lQ==

GET
DATA 200
OK truncated
/ Frame 1B00 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2db559da8de44afd0877e93696cce7203ed2214884463034e92f65dcead1b4d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ Frame 1B00 369 B
608 B 115ms
33ms XHR
application/json 34.247.75.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/oglobo.globo.com.dw.970x250.inter,ss:%5B970.250%5D,p:/138871148/oglobo.globo.com.dw.970x250.inter%7D&wr=970.250&sr=1600.1200&url=https%253A%252F%252Fblogs.oglobo.globo.com%252Fmalu-gaspar%252Fpost%252Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253Dnewstarde
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.75.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-75-254.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 55cdbf18d0580566afa5dee9b77e16a261fb1273075ef0a2aa0eca9abb15cf4e

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
x-server-name: app05.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1B00 138 B
995 B 13ms
13ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

27b290ec506de26d645318a16c94bbe3b1561e77ccda252d9f28f4905b0079f3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:13 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 55d2f677-9af3-466a-9d30-bd66360f095d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1B00 433 B
896 B 81ms
80ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=57&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=oglobo.globo.com.dw.970x250.inter&tg_i.dfp_ad_unit_code=138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter&tg_i.pbadslot=138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter&tk_flint=pbjs_lite_v4.43.0&x_source.tid=f5489666-77fd-4252-a274-3b6037577f9c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.48825149186341155
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2086b08690772c728b3ec6272e932b5a563e464e48bf00e92b7361380de58277

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:13 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 433
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 1B00 24 B
527 B 61ms
19ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 324fe325e7bd013142f8b401604c76b775a28d4c3598c70b959517d028e469e1

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 02:20:13 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame 1B00 338 B
493 B 57ms
22ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d7ff64b609325585354f09c88129be82a7b58a215d77d0ef4bdd3d8d583bd1dc

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1B00 0
65 B 136ms
55ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
date: Wed, 09 Mar 2022 02:20:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7543 624 B
297 B 100ms
51ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNXuqJDGgSqgN1_h42Jmt2m6GgKkYi38KwJL_1_LWswJi4XBTY-l_b7GNiSRKOUfy8Em4ZRzXxt1hD-HjX1fve6iPNcs91Hn0P6gp-5GlGlFRRiQqH3N-zCFBuI_56sLlXXKZjlFemP_TlpA8NJn3ZROJLqVZyvcAJrcngKxOMPsJY1PTzI

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 09 Mar 2022 02:20:13 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 30D4 77 KB
32 KB 144ms
97ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhwqaUfbWe9WetgldD8lklLrtJ7zj3fTybjVjr50f7ROA1dsukjaV9ElTYD43rLQF2firUgwSHr3nd5AVtGvMMCz3E0w&cry=1&dbm_d=AKAmf-Bjw19xuzHp0_mGm0KrO2jgNbBdP1qGq_r4o2HOvU_aU08dArEdr3znUYiCKQrry1yqeOPBO8p5wPpXM77X6xZB8qtO3MX4vDR4bKHCaPNqjilYDcXK35DBDROuf1404Z4GH3r6cXrYKPKpNtTjzKg38DmlFG2XSY12ckUEWvOyghwfhB3aLaXvxvd7D7CqAl2d3jH31fqAhpzuoJ-mQqT7lAJXfTJx_TWUOYllNakwqpzSkLcB2d-0APzb_agTa-Mbwh9FhnDaVY6jbDdeIn_Q3jBf1DRi9WE3QygKpbpd5lyDuJSOkhp-uejYfcs4OBq7tfDUKlTRVRFWnqNk13_tc2yQuqeTbrtaC38eJBgeiekSnNJHAzRgAB3AJdT3ZGl8HJvIzlpihousC9oaYazfZ2r1d2n3LV2pAqcUHzJ6vEzBEKM-7cHLepQVg5m5U-x_ov8-TXmgptu87WQlmxdyOBwyWJd2W3vBwQamdZnTWwHs8iVpvSgd3OQEr2gJIvwWezSI2IyRNqmoWIQrB88XFTacrLNdXvircPXUx5EB7NjpcsP1IrvayMgU5TTFxJ2o1RDxxFvlg5KZWkds3MGo_9_1YCgcqcgiVk9sI440VM_mqDt0cgdFtMbLXqPsaAPkviptrrC_K6m-jKgsB7fHsHwx9ARtdiDfuPayb0lhRSx-J8loPeN4QgqL2Y01IlbUmBbUK_T2Mg96Uh5Eo6sNZxvZvOabqUTeWnu7hqkTVUJMdGwnSd4c0zL2GRoR12VD36lQoVBrtk07DUZXjHLHHaT6Ho7Vt0x3Ffk0VwYCgBVkd0f0FNzqRupyPHXsJ4QZsysD7F4L_xjhji8fV0bpyzMO5hdlTKsjpWh16vXz0WUXOSLe9qqo8jMyBTWGZaWPbACrRu3tdsflnNsSDY_PAx4Sy_GHlp14dlJ-69D-IkeibV87WX3uyCTWxfWVlkdCIOCPsCDZ2sV02Olddj9Rm3QAiQfeJAK77rAjyNqUFaj8cVCWKpn6kp4o5YDePy0j9gESpzHEy_FxLu_7xtIGnQ_yGYTWpdSnqVZfkGlfDtAvyQC4etWDmnni6rmuDiUMBqDryYvrn_OWLMmwyMMSE8TwdPhOZOm8JtyC3B1mJwbJLEH5d5Xmnt2Rq05oG6mAl6ucKdSc2BZBR-acZzEi4GqbGPRdJ6uSF-CMPNNtWofOc0ZSgKoGtCx0Z0Dh23Kypz3AWcyNNG3Lw88Zh0mKezEqaOkJmpS-TPw29EEkglIztmNJ4HVhR0iFdhfl4kF2E3oMkL1vf2kr0ANUN7LQFVTfQbbJ0v-vkdq8t11RHWeim7ON11DIx_x_KF8CXdhcEydcP2587ULF5MNBeSU8kSrsWMF5yAuKVELb9AjkMtUJxSzGXC6kBI1wgvjbN3pvooJ0k7kqoRRmexiYzVgIm8NUljJu-5XZ8fHLuNVPz3S2d7XSq3LmJvdovtB3YaeIzRjghg3YHT5dsjOyjka_rsjD1Mrx-ZUxH3cZMFCCeILUG0-zhTzej36axU91QUliee_94n-PAUeRp6Ayc2cOQGzSX6orqAmyLYMlemnc0vXsHQWKYK8CWkRW3CA50CnNPeSqBidIis9D6A_76wDpwnNDA8kiX_zMbBZEOtX8dzzyNuOVIscevc8nyG5RUve5M3LYfHHnERc-a8HOnIEpQv9wKCIElvY7-ahXwFhCC-KPNPhq-1Tf2t1YSigPPuq4DALx-r1Px37kDtR1NO9sUIfk1cWfV0kIm-zpFBm4xOcq0zLVo3joTQOdZKRcQzxehr55gbQ-Y7AEM5Cpi7qCw2JQvWv_dEckpwnXynvpl7jzCJCfW9aI7MFN63B9M0124vZNJuCYdGtzgcRqB7hKV0MYBZ_O9X6QWIvo9m7tLZDbyIFo1c36WMGaQWkVEyvKt6m9wL5bRqi6_WOWzDJxuQWxlrh770aaNnB4cCPpRwaCDzu_QTRJdNd3UaM00kH1aBgNFA6jkxH4DiLnCVrSQN_VR0PUQZiQqgMjfMCqXbITVHMNJiSRnyh1Cgm8IC-XsdrowyLV5zot925umm7ttzOqfQgqDF8zV7XjC3uDbj07aFYdYKLj2sbpRelW7Q1NclevbD_R3X5Ax97ewFPkAdNT6NzWZoae0cJo_wcQj1EavxEq-5JXQmP__deTt9jNAbIDr__-59niDXMymfymEcH4qzB8K56rHD_79HJdNVjH_wJ-cKNaftqGUU52JiIsBNrTfxqzc2ue1o-FcdkFz_nfyKuhYn7EnGMbxpiYdalBetxRkbY1aa7g945J9MbR4fguxHrI4rhUKIt-ccca1a3BvKgD8vx5OKIIyVflzW1CbPYHY1pjAN-p9zdUvp7M5-_DNIuj2anpfaoH3GGSFN9k9hlCKpDqVD3DKtDCBREPj2Tjh1ozPQpd33k-CybQvbLBnPQWuHquXhqI7w8lGF7LV-Hz3yPnlz1M6m24v650guBftn8IIH9yMOp0Lk46GF6MgB-BaPAfbl5GUHqTGYz0jeLfIf8zE2wm4XY5u80MLcTXEywDZjByVzNro6zKMz3Ixd_GS-9YC0BQu_MF6m14NcdGPN9FwUda2LeGFOiuTkUG-dS2Ps7jSAuiEsN-4ufCGKsuMastqqJgTrq5hV6uLG-nOQUzgCSvLWmCp-ccQqnDVRPx8PBea4XmIc5HxEKUhIK8xcdINlasGCsmqCJeegu7rsd7f8KIMGAwWJyQx8ILDAaL_M6_FcRD0ZB4SCUz6YCKACg67hB7gfix8gq46-XAAUwIYNeeWbGEmnO845V2hVsQSvbrgnxUEu_2dc8uV7FfbqSNHfCiFFsqMurC-14b8uqIynhI83QxcXFua7iP6QC-gzhVe7ZOvVYq4nVy4BQ2eAsB4ZriilqAFY_sr_T5ta5sojkxj-vFSNznrtaDtVabCx6uwtYoaSsa4iS8C9s52jaMh0wG2QQKxkK6RaYuM8uAlcC0vQV55Ejx6ohZxIIunpjuLD-WZyFXzas2euPsCv4CKvxTbGjRKd4O5O4R3kOc2mcT0N-4LHbKCX4Pb7Okrfh8yDQ9-q3ru9W60pKvGVLrErhMqenF8vgzBIUHeJO7h3nLKjGB2pvchFV2AO3JlwIBjBKOOuqmOIxeUnad1sYCZByE--feamY9_Jc-3315hp6IuAJMISGX5FPteP68_F6SDaE8qjStsgWXWcSsnJNo7CBmscRCmruCr16Mt64VRSYMcQBTHr-9yOEV-LHYkzTUUTGb4Q5vTfwjv-Ex-hvuXCJpDB3pDKWTuxxue5Y5I9b2iIjQRCAAVkFJ9ixgrcX29q0HMhF5kFubDOmOlZ1g856qRm_vJz69H02l7hKCszyCxV3RudMJCoI-A1TsNkLNtkaEKn4U5-Rd3d8vVXyMeP_0OJVQX9i7QBe9jZjA8mBhxxduReCasf6tZfvRfR4C_lM0YXAkpc2OJkZu_NWe6yuYoEwex-cD4A&cid=CAASJORoDxpg8b9c3n-_052G3P7EraBZd5Dai65FVbrb_f9Jze_4-w&rfl=1%2Chttps%253A%252F%252Fblogs.oglobo.globo.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7b3fc6336e7157d3af86b8f8016f5fdfa4d8a6a18f134bb311bd81c289a8fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30D4 42 B
494 B 158ms
69ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AoO2jtvFT1Pi34tyq7sO_80iSXAKoTX8-SwiDaXi_o-v0Xzn75PgyVcKx8ivIgfavoI6Y9vPbHZpKK2tt82DCACdcFIyF9Zy9mMmF18-EfatcW6qg

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame 30D4 2 KB
1 KB 131ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/window_focus_fy2019.js

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:02:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 02:02:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30D4 124 KB
38 KB 104ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 02:20:13 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame 30D4 15 KB
7 KB 126ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 02:16:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 30D4 0
0 47ms
46ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSLo4766eK0MyKDP9DZyn4i9DrXhTd3Zj-R16WWCU8xbWxssm_gZJut6AQiHsaZR414D4W3zok6dMQzmRTLh1TK4wN5A
Requested by: Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 8A92 134 KB
36 KB 16ms
16ms Script
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 57
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0V246RBR7JGS9NE9Z2ZN
date: Wed, 09 Mar 2022 02:19:22 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 5iZP0Ult2kfZtC1_Q3FGA7HjL-O-Kv_RCsKvFFx8Pzu4ofRKWiDsUQ==

GET
DATA 200
OK truncated
/ Frame 8A92 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 600e42a50f9df99c61e226e9cb5d86704e8b6323a73e8b9946243a8891bb5052

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ Frame 8A92 349 B
586 B 59ms
33ms XHR
application/json 34.247.75.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/oglobo.globo.com.dw.728x90.inter,ss:%5B728.90%5D,p:/138871148/oglobo.globo.com.dw.728x90.inter%7D&wr=728.90&sr=1600.1200&url=https%253A%252F%252Fblogs.oglobo.globo.com%252Fmalu-gaspar%252Fpost%252Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253Dnewstarde
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.75.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-75-254.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fc1a0f46b50de0e92ad8bf9df5c1651d70a17834ced9953a43cca6c62d2b79f0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
x-server-name: app02.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame 8A92 338 B
316 B 22ms
21ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7a7a5d6da7f6a331d49787d1e6ec4fa21cc70da9df783042580edf59bd928b5a

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 8A92 24 B
527 B 31ms
23ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: d950d55b1bb95d260437e4aa83e4ec224abf61493522ce448ab035d689125f9a

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 02:20:13 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 8A92 0
121 B 72ms
43ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
date: Wed, 09 Mar 2022 02:20:13 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8A92 145 B
1 KB 143ms
143ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

2652b734711f40e9fb792c26d06968dde9e8f336591e35aad72a9b5a0b67dd1e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:13 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 22f78ed8-8933-4045-ad5d-37aad42e5560
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 8A92 658 B
1 KB 98ms
73ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=2&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=oglobo.globo.com.dw.728x90.inter&tg_i.page=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.domain=blogs.oglobo.globo.com&tg_i.dfp_ad_unit_code=138871148%2C85042905%2Foglobo.globo.com.dw.728x90.inter&tg_i.pbadslot=138871148%2C85042905%2Foglobo.globo.com.dw.728x90.inter&tk_flint=pbjs_lite_v4.43.0&x_source.tid=edbdf634-5ba9-47e3-accc-7c01b517d5c4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8751838707056199
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: bfdc006904c9a87fb3642db48d7019e5b868cfd8242b2937067fc0e935ab91c1

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:13 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 658
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 1B00 385 B
746 B 16ms
15ms XHR
application/json 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:43:41 GMT
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
server: Server
age: 5791
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-length: 385
x-amz-cf-id: BryowYRQuZzr1sIyuoh9hgq3xKcEbVnsIiuNZ5L4PNykbzihq0J1kg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 1B00 6 KB
3 KB 46ms
15ms XHR
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 62634
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
date: Tue, 08 Mar 2022 08:56:20 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 0C9mgzGVYamcoN_rb444Jqwoh6Mawi2MLnmxNpWl1-4p1K-ExhKeKQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B00 0
0 73ms
73ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvc7we89zT6lHuOsR6ba-h_iJJ1cofvvg-yr3-YFsuvQvNzs3eVws7hC3eg5e_dTYVaMfuslWqU-ZruY_Nn6tJ6A3mBnwvtjwzK5Jdb2GoIBWUJzPy_xZJU9UY5_VmmtJHmUazbGkvygJSt-Mlv3PjSG96oRdVUnZO1wKlTSfkiqLL1ho9lJUZtrxyaIlAPf7pVVpji4mgrmDq4M-7-Q01pyVrv3RHjpMmjGyYan19ncwNPV_R__k2-cD838tE4G6Tjv_ou5LqtjHuTwhB_BYnteSEYCgsBhKm4a3aGVl0aVSwv77IhwRVAsa8Tp7rG5-Hue_8CQ6G7&sig=Cg0ArKJSzEwfVMeBFwlnEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 09 Mar 2022 02:20:13 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 8A92 385 B
746 B 15ms
15ms XHR
application/json 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:43:41 GMT
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
server: Server
age: 5791
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-length: 385
x-amz-cf-id: pgZiNGiCGrK0m1bHVzoXmpCZ9rkTv3XGUk5cG5fWNu5n-aEpdVasIg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 8A92 6 KB
3 KB 40ms
16ms XHR
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 62634
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
date: Tue, 08 Mar 2022 08:56:20 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: OCsNaZh9utQs7brOUpFWWWUZRmyVhCWIkfVTbYExw2xHcAMk_tFKwA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8A92 0
0 75ms
74ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssG3vowIpAMrKpMMCXkOF5UWKbfdZPF63Dd2ZfIbOwMxy0lBaE6wLl5KSKnwwwkXJ0Vrtsb3JnjcSDIGUuKoslIqHxb5CQwm6HLGuBHJy5yi_A7VQxlU-GKt-kN6F2NYDBaB9Vc4-o_IW8QUHGkGJCH8g42M3T5Rl0Xd8YqH8jTxp9NhEVGA3YcUww6lYlEQOmreCpBX2sHDMdPgn7qHuC16Nwj624WhGSwx0kvDt7vhqF1D7laidEq3qGa4-8qrbeontmW8IQ1g2zVi3VvCSztenfvGDNs5X0rJv6FHsQWHt34fzuRaIBdkJCTaF46Esj3N8P83ERc&sig=Cg0ArKJSzGjRX0QR6bQJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 09 Mar 2022 02:20:13 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 1B00 38 KB
11 KB 37ms
16ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 09 Mar 2022 02:19:01 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10644
x-request-id: 167481024

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 8A92 38 KB
11 KB 32ms
17ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 09 Mar 2022 02:19:01 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10644
x-request-id: 167481024

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7543
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw7Ee4fGVK8C5wnHw7P59Q&google_cver=1

43 B
1014 B

16ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw7Ee4fGVK8C5wnHw7P59Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNXuqJDGgSqgN1_h42Jmt2m6GgKkYi38KwJL_1_LWswJi4XBTY-l_b7GNiSRKOUfy8Em4ZRzXxt1hD-HjX1fve6iPNcs91Hn0P6gp-5GlGlFRRiQqH3N-zCFBuI_56sLlXXKZjlFemP_TlpA8NJn3ZROJLqVZyvcAJrcngKxOMPsJY1PTzI
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 09 Mar 2022 02:20:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw7Ee4fGVK8C5wnHw7P59Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7543
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YigO3fSqZsgIJ39y1-exAwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw7Ee4fGVK8C5wnHw7P59Q&google_cver=1

43 B
894 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw7Ee4fGVK8C5wnHw7P59Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNXuqJDGgSqgN1_h42Jmt2m6GgKkYi38KwJL_1_LWswJi4XBTY-l_b7GNiSRKOUfy8Em4ZRzXxt1hD-HjX1fve6iPNcs91Hn0P6gp-5GlGlFRRiQqH3N-zCFBuI_56sLlXXKZjlFemP_TlpA8NJn3ZROJLqVZyvcAJrcngKxOMPsJY1PTzI
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 09 Mar 2022 02:20:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw7Ee4fGVK8C5wnHw7P59Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7543
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFrKzha8OOT5-NeBWPFd9x0&google_cver=1

43 B
1020 B

13ms
13ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFrKzha8OOT5-NeBWPFd9x0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNXuqJDGgSqgN1_h42Jmt2m6GgKkYi38KwJL_1_LWswJi4XBTY-l_b7GNiSRKOUfy8Em4ZRzXxt1hD-HjX1fve6iPNcs91Hn0P6gp-5GlGlFRRiQqH3N-zCFBuI_56sLlXXKZjlFemP_TlpA8NJn3ZROJLqVZyvcAJrcngKxOMPsJY1PTzI

Protocol

HTTP/1.1

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:13 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a65726f3-b57a-4979-b888-4399d072a591
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFrKzha8OOT5-NeBWPFd9x0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7543
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIzODQzNDQxNjYyNjY0NjM5OQ%3D%3D

170 B
188 B

49ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIzODQzNDQxNjYyNjY0NjM5OQ%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:13 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fbcb133f-b09c-4813-8b14-f93542a7120f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIzODQzNDQxNjYyNjY0NjM5OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200 996.json Show response
id5-sync.com/g/v2/ Frame 8A92 213 B
540 B 38ms
8ms XHR
application/json 54.36.109.22
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/996.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.22 , France, ASN16276 (OVH, FR),

Reverse DNS

p09.id5-sync.com

Software

Resource Hash

fc47fcb3ed39767ce604f428c7d5c191036ee62d56dfd3c106ba5adcc5b1c2a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Date: Wed, 09 Mar 2022 02:20:12 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

POST
H/1.1 200 996.json Show response
id5-sync.com/g/v2/ Frame 1B00 213 B
540 B 36ms
9ms XHR
application/json 54.36.109.22
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/996.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.22 , France, ASN16276 (OVH, FR),

Reverse DNS

p09.id5-sync.com

Software

Resource Hash

e4bcb52982d1db7b35e873e9fa9df75c71037b065381009d23f65cc2a66fb05b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Date: Wed, 09 Mar 2022 02:20:12 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 1B00 23 B
497 B 47ms
46ms XHR
text/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&pid=dVXCAL8SeTW9Y&cb=0&ws=970x250&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.970x250.inter%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.79.193 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
x-amz-rid: K7GGSPS8S8JD3Z2N0PTP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: dGjOq8CO2bAggcflk8zlOEm3XTsIpz2F2_DyqBV7XfvMDKw-jOv03g==

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 30D4 106 KB
38 KB 137ms
39ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
Origin: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36735
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 16:07:58 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220303/r20110914/elements/html/ Frame 30D4 8 KB
3 KB 92ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220303/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhwqaUfbWe9WetgldD8lklLrtJ7zj3fTybjVjr50f7ROA1dsukjaV9ElTYD43rLQF2firUgwSHr3nd5AVtGvMMCz3E0w&cry=1&dbm_d=AKAmf-Bjw19xuzHp0_mGm0KrO2jgNbBdP1qGq_r4o2HOvU_aU08dArEdr3znUYiCKQrry1yqeOPBO8p5wPpXM77X6xZB8qtO3MX4vDR4bKHCaPNqjilYDcXK35DBDROuf1404Z4GH3r6cXrYKPKpNtTjzKg38DmlFG2XSY12ckUEWvOyghwfhB3aLaXvxvd7D7CqAl2d3jH31fqAhpzuoJ-mQqT7lAJXfTJx_TWUOYllNakwqpzSkLcB2d-0APzb_agTa-Mbwh9FhnDaVY6jbDdeIn_Q3jBf1DRi9WE3QygKpbpd5lyDuJSOkhp-uejYfcs4OBq7tfDUKlTRVRFWnqNk13_tc2yQuqeTbrtaC38eJBgeiekSnNJHAzRgAB3AJdT3ZGl8HJvIzlpihousC9oaYazfZ2r1d2n3LV2pAqcUHzJ6vEzBEKM-7cHLepQVg5m5U-x_ov8-TXmgptu87WQlmxdyOBwyWJd2W3vBwQamdZnTWwHs8iVpvSgd3OQEr2gJIvwWezSI2IyRNqmoWIQrB88XFTacrLNdXvircPXUx5EB7NjpcsP1IrvayMgU5TTFxJ2o1RDxxFvlg5KZWkds3MGo_9_1YCgcqcgiVk9sI440VM_mqDt0cgdFtMbLXqPsaAPkviptrrC_K6m-jKgsB7fHsHwx9ARtdiDfuPayb0lhRSx-J8loPeN4QgqL2Y01IlbUmBbUK_T2Mg96Uh5Eo6sNZxvZvOabqUTeWnu7hqkTVUJMdGwnSd4c0zL2GRoR12VD36lQoVBrtk07DUZXjHLHHaT6Ho7Vt0x3Ffk0VwYCgBVkd0f0FNzqRupyPHXsJ4QZsysD7F4L_xjhji8fV0bpyzMO5hdlTKsjpWh16vXz0WUXOSLe9qqo8jMyBTWGZaWPbACrRu3tdsflnNsSDY_PAx4Sy_GHlp14dlJ-69D-IkeibV87WX3uyCTWxfWVlkdCIOCPsCDZ2sV02Olddj9Rm3QAiQfeJAK77rAjyNqUFaj8cVCWKpn6kp4o5YDePy0j9gESpzHEy_FxLu_7xtIGnQ_yGYTWpdSnqVZfkGlfDtAvyQC4etWDmnni6rmuDiUMBqDryYvrn_OWLMmwyMMSE8TwdPhOZOm8JtyC3B1mJwbJLEH5d5Xmnt2Rq05oG6mAl6ucKdSc2BZBR-acZzEi4GqbGPRdJ6uSF-CMPNNtWofOc0ZSgKoGtCx0Z0Dh23Kypz3AWcyNNG3Lw88Zh0mKezEqaOkJmpS-TPw29EEkglIztmNJ4HVhR0iFdhfl4kF2E3oMkL1vf2kr0ANUN7LQFVTfQbbJ0v-vkdq8t11RHWeim7ON11DIx_x_KF8CXdhcEydcP2587ULF5MNBeSU8kSrsWMF5yAuKVELb9AjkMtUJxSzGXC6kBI1wgvjbN3pvooJ0k7kqoRRmexiYzVgIm8NUljJu-5XZ8fHLuNVPz3S2d7XSq3LmJvdovtB3YaeIzRjghg3YHT5dsjOyjka_rsjD1Mrx-ZUxH3cZMFCCeILUG0-zhTzej36axU91QUliee_94n-PAUeRp6Ayc2cOQGzSX6orqAmyLYMlemnc0vXsHQWKYK8CWkRW3CA50CnNPeSqBidIis9D6A_76wDpwnNDA8kiX_zMbBZEOtX8dzzyNuOVIscevc8nyG5RUve5M3LYfHHnERc-a8HOnIEpQv9wKCIElvY7-ahXwFhCC-KPNPhq-1Tf2t1YSigPPuq4DALx-r1Px37kDtR1NO9sUIfk1cWfV0kIm-zpFBm4xOcq0zLVo3joTQOdZKRcQzxehr55gbQ-Y7AEM5Cpi7qCw2JQvWv_dEckpwnXynvpl7jzCJCfW9aI7MFN63B9M0124vZNJuCYdGtzgcRqB7hKV0MYBZ_O9X6QWIvo9m7tLZDbyIFo1c36WMGaQWkVEyvKt6m9wL5bRqi6_WOWzDJxuQWxlrh770aaNnB4cCPpRwaCDzu_QTRJdNd3UaM00kH1aBgNFA6jkxH4DiLnCVrSQN_VR0PUQZiQqgMjfMCqXbITVHMNJiSRnyh1Cgm8IC-XsdrowyLV5zot925umm7ttzOqfQgqDF8zV7XjC3uDbj07aFYdYKLj2sbpRelW7Q1NclevbD_R3X5Ax97ewFPkAdNT6NzWZoae0cJo_wcQj1EavxEq-5JXQmP__deTt9jNAbIDr__-59niDXMymfymEcH4qzB8K56rHD_79HJdNVjH_wJ-cKNaftqGUU52JiIsBNrTfxqzc2ue1o-FcdkFz_nfyKuhYn7EnGMbxpiYdalBetxRkbY1aa7g945J9MbR4fguxHrI4rhUKIt-ccca1a3BvKgD8vx5OKIIyVflzW1CbPYHY1pjAN-p9zdUvp7M5-_DNIuj2anpfaoH3GGSFN9k9hlCKpDqVD3DKtDCBREPj2Tjh1ozPQpd33k-CybQvbLBnPQWuHquXhqI7w8lGF7LV-Hz3yPnlz1M6m24v650guBftn8IIH9yMOp0Lk46GF6MgB-BaPAfbl5GUHqTGYz0jeLfIf8zE2wm4XY5u80MLcTXEywDZjByVzNro6zKMz3Ixd_GS-9YC0BQu_MF6m14NcdGPN9FwUda2LeGFOiuTkUG-dS2Ps7jSAuiEsN-4ufCGKsuMastqqJgTrq5hV6uLG-nOQUzgCSvLWmCp-ccQqnDVRPx8PBea4XmIc5HxEKUhIK8xcdINlasGCsmqCJeegu7rsd7f8KIMGAwWJyQx8ILDAaL_M6_FcRD0ZB4SCUz6YCKACg67hB7gfix8gq46-XAAUwIYNeeWbGEmnO845V2hVsQSvbrgnxUEu_2dc8uV7FfbqSNHfCiFFsqMurC-14b8uqIynhI83QxcXFua7iP6QC-gzhVe7ZOvVYq4nVy4BQ2eAsB4ZriilqAFY_sr_T5ta5sojkxj-vFSNznrtaDtVabCx6uwtYoaSsa4iS8C9s52jaMh0wG2QQKxkK6RaYuM8uAlcC0vQV55Ejx6ohZxIIunpjuLD-WZyFXzas2euPsCv4CKvxTbGjRKd4O5O4R3kOc2mcT0N-4LHbKCX4Pb7Okrfh8yDQ9-q3ru9W60pKvGVLrErhMqenF8vgzBIUHeJO7h3nLKjGB2pvchFV2AO3JlwIBjBKOOuqmOIxeUnad1sYCZByE--feamY9_Jc-3315hp6IuAJMISGX5FPteP68_F6SDaE8qjStsgWXWcSsnJNo7CBmscRCmruCr16Mt64VRSYMcQBTHr-9yOEV-LHYkzTUUTGb4Q5vTfwjv-Ex-hvuXCJpDB3pDKWTuxxue5Y5I9b2iIjQRCAAVkFJ9ixgrcX29q0HMhF5kFubDOmOlZ1g856qRm_vJz69H02l7hKCszyCxV3RudMJCoI-A1TsNkLNtkaEKn4U5-Rd3d8vVXyMeP_0OJVQX9i7QBe9jZjA8mBhxxduReCasf6tZfvRfR4C_lM0YXAkpc2OJkZu_NWe6yuYoEwex-cD4A&cid=CAASJORoDxpg8b9c3n-_052G3P7EraBZd5Dai65FVbrb_f9Jze_4-w&rfl=1%2Chttps%253A%252F%252Fblogs.oglobo.globo.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 02:11:13 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220303/r20110914/ Frame 30D4 25 KB
9 KB 83ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220303/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5421be34bc9ac3564a6daa35c769d13876e5fa7c4a5ed4892e9e8c65d31c1e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9662
x-xss-protection: 0
server: cafe
etag: 2172778821077356944
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 01:34:26 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1B00 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1B00 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1B00 22 KB
9 KB 223ms
222ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2063796994291320&correlator=875678446451245&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220309&iu_parts=138871148%3A85042905%2Coglobo.globo.com.dw.970x250.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&fsapi=false&prev_scp=pwtdeal_ias%3DPMP_-_42_-_7e4ae9a8d525cb%26adt%3Dlow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fr%3Dfalse%26id%3D73b5f54d-9f4f-11ec-8d10-02c49424d9cb%26vw%3D40%252C50%252C60%26grm%3D40%26vw05%3D40%252C50%26vw10%3D40%26vw15%3D40%26ias-kw%3DIAS_8423_KW%252CIAS_8430_KW%26pwtsid%3D7e4ae9a8d525cb%26pwtbst%3D1%26pwtecp%3D0.01%26pwtdid%3D42%26pwtpid%3Dias%26pwtpubid%3D157163%26pwtprofid%3D4984%26pwtverid%3D3%26pwtsz%3D100x200%26pwtplt%3Ddisplay%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dfalse&eri=1&cookie=ID%3D404d49d9728db013%3AT%3D1646792412%3AS%3DALNI_MZHwAe96CKNVEqAZu0xnIpqAdTDWA&cdm=blogs.oglobo.globo.com&abxe=1&dt=1646792413544&lmt=1646792413&dlt=1646792412801&idt=226&biw=1600&bih=1200&isw=970&ish=250&oid=2&adxs=315&adys=5635&ucis=blqwvhgw9620&adks=2487537034&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&top=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=23&vis=1&scr_x=0&scr_y=0&psz=970x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=1281472035.1646792411&ga_sid=1646792414&ga_hid=1328798790&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0aa38142e5201d702b1906f31f8d929c91b868e72ff109603d081b7bb82628cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9481
x-xss-protection: 0
google-lineitem-id: 5770955185
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360694999
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1B00 14 KB
10 KB 104ms
58ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b315db7f1fbd55dcfdacec2453b101ccfe1acba66373b3860f030a2555bf2aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10710
x-xss-protection: 0

GET
H2 200 container.html Show response
10dfcc637640bfd66f3e72e55ad638ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1714 6 KB
3 KB 61ms
46ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10dfcc637640bfd66f3e72e55ad638ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 09 Mar 2022 02:20:13 GMT
expires: Thu, 09 Mar 2023 02:20:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 8A92 58 B
531 B 44ms
44ms XHR
text/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&pid=Q6DkH1uY5U0IO&cb=0&ws=728x90&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.728x90.inter%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.728x90.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.79.193 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

a1467c6ed682df808cf830c429ebaec42c32c2033369aa48446fb9e7f592769d

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
x-amz-rid: MGWZ63ADST9R3S14HWGA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 58
x-amz-cf-id: m_clSh06kDsyQ5TufxqcbcODZnflGdCnStix16ZZbzNQcdwz73xUww==

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8A92 107 B
122 B 52ms
50ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8A92 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ Frame 8A92 0
10 KB 223ms
222ms Other
application/webbundle 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2642584640655552&correlator=3911857313468909&wbsu=c79822a6-74af-4cf3-a6a4-0eb92960512c&callback=googletag.wbn1&eid=31064835%2C31060545%2C31065455%2C31064624&output=wbn&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220309&iu_parts=138871148%3A85042905%2Coglobo.globo.com.dw.728x90.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&fsapi=false&prev_scp=pwtdeal_ias%3DPMP_-_42_-_7337fa62e7ac69%26adt%3Dlow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fr%3Dfalse%26id%3D73b61c9b-9f4f-11ec-9c43-02c790015d1e%26vw%3D40%252C50%252C60%26grm%3D40%26vw05%3D40%26vw15%3D40%26ias-kw%3DIAS_8423_KW%252CIAS_8430_KW%26pwtsid%3D7337fa62e7ac69%26pwtbst%3D1%26pwtecp%3D0.01%26pwtdid%3D42%26pwtpid%3Dias%26pwtpubid%3D157163%26pwtprofid%3D4984%26pwtverid%3D3%26pwtsz%3D100x200%26pwtplt%3Ddisplay%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dtrue&eri=1&cookie=ID%3D404d49d9728db013%3AT%3D1646792412%3AS%3DALNI_MZHwAe96CKNVEqAZu0xnIpqAdTDWA&cdm=blogs.oglobo.globo.com&abxe=1&dt=1646792413619&lmt=1646792413&dlt=1646792412895&idt=196&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=133&ucis=4ufky8to091o&adks=436941508&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&top=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1281472035.1646792411&ga_sid=1646792414&ga_hid=1999330620&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10256
x-xss-protection: 0
google-lineitem-id: 5770953283
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360277874
content-type: application/webbundle
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
URN 200
OK uuid:c79822a6-74af-4cf3-a6a4-0eb92960512c Show response
/ Frame 8A92 25 KB
25 KB 226ms
226ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

urn:uuid:c79822a6-74af-4cf3-a6a4-0eb92960512c

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

URN

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

ed83bb944d5a85b18b8c9e3ae89741c1cc0c1eeaecd9b51c86c5227195dedb8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8A92 13 KB
10 KB 55ms
55ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3f91cc3ea46920b403e2cd0e28f6ed77bbe8ae6e142d80cebcddeaf5c581c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10386
x-xss-protection: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame B270 1 KB
647 B 23ms
16ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7c-0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHHDehzRaU3WLB2i0Xs91gsZksNrvZZDhZjIawcRPabEHZLRas3XIx2w0Wk8lothuMRsPdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUR8K5LJ6H6fQy-wMA4EEBBABAAIMEoID3tATg42zmBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBqEC0iBEAAABAbvWm6NGkTqgsqgAACNKtAK4AAAL-2PQgIMIAAAAGxhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5pQURR7WtDIzIzaLyAAwNovIAAAm7oBALwJwAWdQc5mk9VsdQqxG84Gu8lgOJsdAAAAwN3___-_HkgYN7vdwmTZOAerxcjhMCxsjolpYvOtZq7hcDTcHnyzWSw3dsFYX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgw5dj4JruJwy1a7CZr0XI4cytHluFatRxtXLbhxGWZmNai18f0nCyWo9XGi4IBbXsRXKQTlclp-lsePrPf4nfrfWa_xW8RSzQni3Qiu-wbxs1utzBZNs7BajFyOAwLm2Nimth8q5lrOBwN9y3HxjfZTRxu0WI3WYuWw5lbObIM16rlaOOyDScuy8S0Fr0-pudksRytNv7GbDTbLSejxWTfmI1mu-VktJjsO3SG7-pzNsq255RHZ3lse0JlzHxQuAwW709iWky7s4Pn9zs6deqXsqgzCi_fo9eg8Bw8qsXfGhZ2DsvqbFtWOA4GRSwRnC7SiehlPF3EEsnTIp1oFpvdymUxLjaW5Wjj8kwsk91iOBiNFibXxLUcTMQSpekinejVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2W9R_fIjhai5ZbOaK1WqumE1WCQAAAAAAAABgCXPmTQAAAABOg9mtlrvVcgEk_ix1gUEAAAAAAAB2MeOt1TZJAlmKGz-eKJPT9Lc8fGa_xe_W-8x-i9_KABJuosybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=undefined&cb=1646792413637&uv=3137&tms=1646792413637&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=7B66A271A5791670132137628214&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ec3163cce183e601cd03d439a7120880c421cef0cadc8313256de78486441a10

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Mar 2022 02:20:13 GMT
via: 1.1 varnish
x-served-by: cache-hhn4062-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1646792414.649765,VS0,VE10
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame A628 928 B
1022 B 27ms
16ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7c-0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHHDehzRaU3WLB2i0Xs91gsZksNrvZZDhZjIawcRPabEHZLRas3XIx2w0Wk8lothuMRsPdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUR8K5LJ6H6fQy-wMA4EEBBABAAIMEoID3tATg42zmBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBqEC0iBEAAABAbvWm6NGkTqgsqgAACNKtAK4AAAL-2PQgIMIAAAAGxhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5pQURR7WtDIzIzaLyAAwNovIAAAm7oBALwJwAWdQc5mk9VsdQqxG84Gu8lgOJsdAAAAwN3___-_HkgYN7vdwmTZOAerxcjhMCxsjolpYvOtZq7hcDTcHnyzWSw3dsFYX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgw5dj4JruJwy1a7CZr0XI4cytHluFatRxtXLbhxGWZmNai18f0nCyWo9XGi4IBbXsRXKQTlclp-lsePrPf4nfrfWa_xW8RSzQni3Qiu-wbxs1utzBZNs7BajFyOAwLm2Nimth8q5lrOBwN9y3HxjfZTRxu0WI3WYuWw5lbObIM16rlaOOyDScuy8S0Fr0-pudksRytNv7GbDTbLSejxWTfmI1mu-VktJjsO3SG7-pzNsq255RHZ3lse0JlzHxQuAwW709iWky7s4Pn9zs6deqXsqgzCi_fo9eg8Bw8qsXfGhZ2DsvqbFtWOA4GRSwRnC7SiehlPF3EEsnTIp1oFpvdymUxLjaW5Wjj8kwsk91iOBiNFibXxLUcTMQSpekinejVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2W9R_fIjhai5ZbOaK1WqumE1WCQAAAAAAAABgCXPmTQAAAABOg9mtlrvVcgEk_ix1gUEAAAAAAAB2MeOt1TZJAlmKGz-eKJPT9Lc8fGa_xe_W-8x-i9_KABJuosybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 02:20:13 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3408

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 35ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7c-0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHHDehzRaU3WLB2i0Xs91gsZksNrvZZDhZjIawcRPabEHZLRas3XIx2w0Wk8lothuMRsPdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUR8K5LJ6H6fQy-wMA4EEBBABAAIMEoID3tATg42zmBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBqEC0iBEAAABAbvWm6NGkTqgsqgAACNKtAK4AAAL-2PQgIMIAAAAGxhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5pQURR7WtDIzIzaLyAAwNovIAAAm7oBALwJwAWdQc5mk9VsdQqxG84Gu8lgOJsdAAAAwN3___-_HkgYN7vdwmTZOAerxcjhMCxsjolpYvOtZq7hcDTcHnyzWSw3dsFYX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgw5dj4JruJwy1a7CZr0XI4cytHluFatRxtXLbhxGWZmNai18f0nCyWo9XGi4IBbXsRXKQTlclp-lsePrPf4nfrfWa_xW8RSzQni3Qiu-wbxs1utzBZNs7BajFyOAwLm2Nimth8q5lrOBwN9y3HxjfZTRxu0WI3WYuWw5lbObIM16rlaOOyDScuy8S0Fr0-pudksRytNv7GbDTbLSejxWTfmI1mu-VktJjsO3SG7-pzNsq255RHZ3lse0JlzHxQuAwW709iWky7s4Pn9zs6deqXsqgzCi_fo9eg8Bw8qsXfGhZ2DsvqbFtWOA4GRSwRnC7SiehlPF3EEsnTIp1oFpvdymUxLjaW5Wjj8kwsk91iOBiNFibXxLUcTMQSpekinejVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2W9R_fIjhai5ZbOaK1WqumE1WCQAAAAAAAABgCXPmTQAAAABOg9mtlrvVcgEk_ix1gUEAAAAAAAB2MeOt1TZJAlmKGz-eKJPT9Lc8fGa_xe_W-8x-i9_KABJuosybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=31589837&cb=1646792413637&uv=3137&tms=1646792413637&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1646792405332!ts:1646792413637&mntl=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-length: 0
server: nginx

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 30D4 41 KB
15 KB 87ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 17:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 17:11:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 67A8 1 KB
749 B 38ms
38ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 08 Mar 2022 13:26:12 GMT
expires: Wed, 09 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 46441
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 30D4 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37428cea0deb6a6a1da7753b848789aedca646d3c95476b326e97423fc3ea87d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 1316 1 KB
599 B 24ms
24ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V75B0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHGjWhUEaE1YawG442k9liMtqNRovVaLcZgkZNKJQRYbUh7IajzWS2WAwHy91iuZwNphBhLJfJoBZIWGa_7yBo-FxuCKRF0-nwue71ErPf57nrfWa_xW_Xmf0Wv13jd_vVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2-1ent7_zd10-Lvfc5fucXabTy3JTnd7-tsvkdL3dK7fDabapTm9_x-E2PJw-u3vu8n1OD8vJZQcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQAojoRzWTwP0-ll9gcAwIMCCACAAAYJQAHvaQnAx9nMCQAAAAAAAAAAy____3_MAL3eggyAyHtOD8CDD8ADUUFqESMAAACA3OpN0aNJnVBZVAEAEKRbAVwBAAT8selBiIQBAAAMjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzShoij2tKCRmRm1X0AAgLVfQAAANnUDAHgTgAs6g5zNJqvZ6hRiN5wNdpPBcDY7AAAAgLv___9_PZAwbna7hcmycQ5Wi5HDYVjYHBPTxOZbzVzD4Wi4Pfhms1hu7IKxvglhmf2-g6DhcxnEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYcmx8k93E4RYtdpO1aDmcuZUjy3CtWo42Lttw4rJMTGvR62N6ThbL0WrjRcGAtr0ILtKJyuQ0_S0Pn9lv8bv1PrPf4reIJZqTRTqRXfYN42a3W5gsG-dgtRg5HIaFzTExTWy-1cw1HI6G-5Zj45vsJg63aLGbrEXL4cytHFmGa9VytHHZhhOXZWJai14f03OyWI5WG39jNprtlpPRYrJvzEaz3XIyWkz2HTrDd_U5G2Xbc8qjszy2PaEyZj4oXAaL9ycxLabd2cHz-x2dOvVLWdQZhZfv0WtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU40ts3EsrJ5bC7TYLkZDiYW02zjsBh3q83Is1xsJmKJ0nSRTvRqh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqbLeo_PsRwNZcsNnPFajVXzCarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwFhlhw!&cmcv=&pix=undefined&cb=1646792413667&uv=3137&tms=1646792413667&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=5BB2D05C078432612474415473&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7e10dbfb0283c0817331b260e5d431bf49b969e3ff862292752c747bdf39e1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Mar 2022 02:20:13 GMT
via: 1.1 varnish
x-served-by: cache-hhn4062-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1646792414.681933,VS0,VE10
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 7EFC 928 B
1013 B 23ms
23ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V75B0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHGjWhUEaE1YawG442k9liMtqNRovVaLcZgkZNKJQRYbUh7IajzWS2WAwHy91iuZwNphBhLJfJoBZIWGa_7yBo-FxuCKRF0-nwue71ErPf57nrfWa_xW_Xmf0Wv13jd_vVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2-1ent7_zd10-Lvfc5fucXabTy3JTnd7-tsvkdL3dK7fDabapTm9_x-E2PJw-u3vu8n1OD8vJZQcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQAojoRzWTwP0-ll9gcAwIMCCACAAAYJQAHvaQnAx9nMCQAAAAAAAAAAy____3_MAL3eggyAyHtOD8CDD8ADUUFqESMAAACA3OpN0aNJnVBZVAEAEKRbAVwBAAT8selBiIQBAAAMjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzShoij2tKCRmRm1X0AAgLVfQAAANnUDAHgTgAs6g5zNJqvZ6hRiN5wNdpPBcDY7AAAAgLv___9_PZAwbna7hcmycQ5Wi5HDYVjYHBPTxOZbzVzD4Wi4Pfhms1hu7IKxvglhmf2-g6DhcxnEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYcmx8k93E4RYtdpO1aDmcuZUjy3CtWo42Lttw4rJMTGvR62N6ThbL0WrjRcGAtr0ILtKJyuQ0_S0Pn9lv8bv1PrPf4reIJZqTRTqRXfYN42a3W5gsG-dgtRg5HIaFzTExTWy-1cw1HI6G-5Zj45vsJg63aLGbrEXL4cytHFmGa9VytHHZhhOXZWJai14f03OyWI5WG39jNprtlpPRYrJvzEaz3XIyWkz2HTrDd_U5G2Xbc8qjszy2PaEyZj4oXAaL9ycxLabd2cHz-x2dOvVLWdQZhZfv0WtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU40ts3EsrJ5bC7TYLkZDiYW02zjsBh3q83Is1xsJmKJ0nSRTvRqh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqbLeo_PsRwNZcsNnPFajVXzCarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwFhlhw!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 02:20:13 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 17ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66353675&crid=5590795&dast=V75B0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHGjWhUEaE1YawG442k9liMtqNRovVaLcZgkZNKJQRYbUh7IajzWS2WAwHy91iuZwNphBhLJfJoBZIWGa_7yBo-FxuCKRF0-nwue71ErPf57nrfWa_xW_Xmf0Wv13jd_vVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2-1ent7_zd10-Lvfc5fucXabTy3JTnd7-tsvkdL3dK7fDabapTm9_x-E2PJw-u3vu8n1OD8vJZQcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQAojoRzWTwP0-ll9gcAwIMCCACAAAYJQAHvaQnAx9nMCQAAAAAAAAAAy____3_MAL3eggyAyHtOD8CDD8ADUUFqESMAAACA3OpN0aNJnVBZVAEAEKRbAVwBAAT8selBiIQBAAAMjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzShoij2tKCRmRm1X0AAgLVfQAAANnUDAHgTgAs6g5zNJqvZ6hRiN5wNdpPBcDY7AAAAgLv___9_PZAwbna7hcmycQ5Wi5HDYVjYHBPTxOZbzVzD4Wi4Pfhms1hu7IKxvglhmf2-g6DhcxnEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYcmx8k93E4RYtdpO1aDmcuZUjy3CtWo42Lttw4rJMTGvR62N6ThbL0WrjRcGAtr0ILtKJyuQ0_S0Pn9lv8bv1PrPf4reIJZqTRTqRXfYN42a3W5gsG-dgtRg5HIaFzTExTWy-1cw1HI6G-5Zj45vsJg63aLGbrEXL4cytHFmGa9VytHHZhhOXZWJai14f03OyWI5WG39jNprtlpPRYrJvzEaz3XIyWkz2HTrDd_U5G2Xbc8qjszy2PaEyZj4oXAaL9ycxLabd2cHz-x2dOvVLWdQZhZfv0WtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU40ts3EsrJ5bC7TYLkZDiYW02zjsBh3q83Is1xsJmKJ0nSRTvRqh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqbLeo_PsRwNZcsNnPFajVXzCarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwFhlhw!&cmcv=&pix=31589837&cb=1646792413667&uv=3137&tms=1646792413667&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1646792405332!ts:1646792413667&mntl=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-length: 0
server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B00 17 KB
6 KB 68ms
50ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 02:20:13 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
122 KB 190ms
103ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7492476dfa60f0146889b13e37c67fd1a70e42e6ddb017c0c08e25148fd8985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124424
x-xss-protection: 0
expires: Wed, 09 Mar 2022 02:20:13 GMT

GET
H2 200 ima3_dai.js Show response
imasdk.googleapis.com/js/sdkloader/ 427 KB
142 KB 135ms
48ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3_dai.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5141781ae3fd5addc6cfe635f6d63ff49c618c8b4de29c02050bfb1c1c20c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145086
x-xss-protection: 0
expires: Wed, 09 Mar 2022 02:20:13 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8A92 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 02:20:13 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B270 70 B
264 B 100ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7c-0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHHDehzRaU3WLB2i0Xs91gsZksNrvZZDhZjIawcRPabEHZLRas3XIx2w0Wk8lothuMRsPdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUR8K5LJ6H6fQy-wMA4EEBBABAAIMEoID3tATg42zmBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBqEC0iBEAAABAbvWm6NGkTqgsqgAACNKtAK4AAAL-2PQgIMIAAAAGxhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5pQURR7WtDIzIzaLyAAwNovIAAAm7oBALwJwAWdQc5mk9VsdQqxG84Gu8lgOJsdAAAAwN3___-_HkgYN7vdwmTZOAerxcjhMCxsjolpYvOtZq7hcDTcHnyzWSw3dsFYX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgw5dj4JruJwy1a7CZr0XI4cytHluFatRxtXLbhxGWZmNai18f0nCyWo9XGi4IBbXsRXKQTlclp-lsePrPf4nfrfWa_xW8RSzQni3Qiu-wbxs1utzBZNs7BajFyOAwLm2Nimth8q5lrOBwN9y3HxjfZTRxu0WI3WYuWw5lbObIM16rlaOOyDScuy8S0Fr0-pudksRytNv7GbDTbLSejxWTfmI1mu-VktJjsO3SG7-pzNsq255RHZ3lse0JlzHxQuAwW709iWky7s4Pn9zs6deqXsqgzCi_fo9eg8Bw8qsXfGhZ2DsvqbFtWOA4GRSwRnC7SiehlPF3EEsnTIp1oFpvdymUxLjaW5Wjj8kwsk91iOBiNFibXxLUcTMQSpekinejVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2W9R_fIjhai5ZbOaK1WqumE1WCQAAAAAAAABgCXPmTQAAAABOg9mtlrvVcgEk_ix1gUEAAAAAAAB2MeOt1TZJAlmKGz-eKJPT9Lc8fGa_xe_W-8x-i9_KABJuosybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=undefined&cb=1646792413637&uv=3137&tms=1646792413637&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=7B66A271A5791670132137628214&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame B270 43 B
182 B 306ms
97ms Image
image/gif 2600:1f18:612b:4200:b61c:5ded:72b6:ee33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7c-0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHHDehzRaU3WLB2i0Xs91gsZksNrvZZDhZjIawcRPabEHZLRas3XIx2w0Wk8lothuMRsPdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUR8K5LJ6H6fQy-wMA4EEBBABAAIMEoID3tATg42zmBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBqEC0iBEAAABAbvWm6NGkTqgsqgAACNKtAK4AAAL-2PQgIMIAAAAGxhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5pQURR7WtDIzIzaLyAAwNovIAAAm7oBALwJwAWdQc5mk9VsdQqxG84Gu8lgOJsdAAAAwN3___-_HkgYN7vdwmTZOAerxcjhMCxsjolpYvOtZq7hcDTcHnyzWSw3dsFYX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgw5dj4JruJwy1a7CZr0XI4cytHluFatRxtXLbhxGWZmNai18f0nCyWo9XGi4IBbXsRXKQTlclp-lsePrPf4nfrfWa_xW8RSzQni3Qiu-wbxs1utzBZNs7BajFyOAwLm2Nimth8q5lrOBwN9y3HxjfZTRxu0WI3WYuWw5lbObIM16rlaOOyDScuy8S0Fr0-pudksRytNv7GbDTbLSejxWTfmI1mu-VktJjsO3SG7-pzNsq255RHZ3lse0JlzHxQuAwW709iWky7s4Pn9zs6deqXsqgzCi_fo9eg8Bw8qsXfGhZ2DsvqbFtWOA4GRSwRnC7SiehlPF3EEsnTIp1oFpvdymUxLjaW5Wjj8kwsk91iOBiNFibXxLUcTMQSpekinejVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2W9R_fIjhai5ZbOaK1WqumE1WCQAAAAAAAABgCXPmTQAAAABOg9mtlrvVcgEk_ix1gUEAAAAAAAB2MeOt1TZJAlmKGz-eKJPT9Lc8fGa_xe_W-8x-i9_KABJuosybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=undefined&cb=1646792413637&uv=3137&tms=1646792413637&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=7B66A271A5791670132137628214&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b61c:5ded:72b6:ee33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame B270
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&

0
98 B

30ms
15ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7c-0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHHDehzRaU3WLB2i0Xs91gsZksNrvZZDhZjIawcRPabEHZLRas3XIx2w0Wk8lothuMRsPdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUR8K5LJ6H6fQy-wMA4EEBBABAAIMEoID3tATg42zmBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBqEC0iBEAAABAbvWm6NGkTqgsqgAACNKtAK4AAAL-2PQgIMIAAAAGxhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5pQURR7WtDIzIzaLyAAwNovIAAAm7oBALwJwAWdQc5mk9VsdQqxG84Gu8lgOJsdAAAAwN3___-_HkgYN7vdwmTZOAerxcjhMCxsjolpYvOtZq7hcDTcHnyzWSw3dsFYX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgw5dj4JruJwy1a7CZr0XI4cytHluFatRxtXLbhxGWZmNai18f0nCyWo9XGi4IBbXsRXKQTlclp-lsePrPf4nfrfWa_xW8RSzQni3Qiu-wbxs1utzBZNs7BajFyOAwLm2Nimth8q5lrOBwN9y3HxjfZTRxu0WI3WYuWw5lbObIM16rlaOOyDScuy8S0Fr0-pudksRytNv7GbDTbLSejxWTfmI1mu-VktJjsO3SG7-pzNsq255RHZ3lse0JlzHxQuAwW709iWky7s4Pn9zs6deqXsqgzCi_fo9eg8Bw8qsXfGhZ2DsvqbFtWOA4GRSwRnC7SiehlPF3EEsnTIp1oFpvdymUxLjaW5Wjj8kwsk91iOBiNFibXxLUcTMQSpekinejVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2W9R_fIjhai5ZbOaK1WqumE1WCQAAAAAAAABgCXPmTQAAAABOg9mtlrvVcgEk_ix1gUEAAAAAAAB2MeOt1TZJAlmKGz-eKJPT9Lc8fGa_xe_W-8x-i9_KABJuosybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=undefined&cb=1646792413637&uv=3137&tms=1646792413637&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=7B66A271A5791670132137628214&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16391

Redirect headers

Date: Wed, 09 Mar 2022 02:20:13 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 6
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B270 43 B
235 B 378ms
104ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7c-0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHHDehzRaU3WLB2i0Xs91gsZksNrvZZDhZjIawcRPabEHZLRas3XIx2w0Wk8lothuMRsPdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUR8K5LJ6H6fQy-wMA4EEBBABAAIMEoID3tATg42zmBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBqEC0iBEAAABAbvWm6NGkTqgsqgAACNKtAK4AAAL-2PQgIMIAAAAGxhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5pQURR7WtDIzIzaLyAAwNovIAAAm7oBALwJwAWdQc5mk9VsdQqxG84Gu8lgOJsdAAAAwN3___-_HkgYN7vdwmTZOAerxcjhMCxsjolpYvOtZq7hcDTcHnyzWSw3dsFYX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgw5dj4JruJwy1a7CZr0XI4cytHluFatRxtXLbhxGWZmNai18f0nCyWo9XGi4IBbXsRXKQTlclp-lsePrPf4nfrfWa_xW8RSzQni3Qiu-wbxs1utzBZNs7BajFyOAwLm2Nimth8q5lrOBwN9y3HxjfZTRxu0WI3WYuWw5lbObIM16rlaOOyDScuy8S0Fr0-pudksRytNv7GbDTbLSejxWTfmI1mu-VktJjsO3SG7-pzNsq255RHZ3lse0JlzHxQuAwW709iWky7s4Pn9zs6deqXsqgzCi_fo9eg8Bw8qsXfGhZ2DsvqbFtWOA4GRSwRnC7SiehlPF3EEsnTIp1oFpvdymUxLjaW5Wjj8kwsk91iOBiNFibXxLUcTMQSpekinejVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2W9R_fIjhai5ZbOaK1WqumE1WCQAAAAAAAABgCXPmTQAAAABOg9mtlrvVcgEk_ix1gUEAAAAAAAB2MeOt1TZJAlmKGz-eKJPT9Lc8fGa_xe_W-8x-i9_KABJuosybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=undefined&cb=1646792413637&uv=3137&tms=1646792413637&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=7B66A271A5791670132137628214&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A628 70 B
264 B 95ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7c-0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHHDehzRaU3WLB2i0Xs91gsZksNrvZZDhZjIawcRPabEHZLRas3XIx2w0Wk8lothuMRsPdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUR8K5LJ6H6fQy-wMA4EEBBABAAIMEoID3tATg42zmBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBqEC0iBEAAABAbvWm6NGkTqgsqgAACNKtAK4AAAL-2PQgIMIAAAAGxhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5pQURR7WtDIzIzaLyAAwNovIAAAm7oBALwJwAWdQc5mk9VsdQqxG84Gu8lgOJsdAAAAwN3___-_HkgYN7vdwmTZOAerxcjhMCxsjolpYvOtZq7hcDTcHnyzWSw3dsFYX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgw5dj4JruJwy1a7CZr0XI4cytHluFatRxtXLbhxGWZmNai18f0nCyWo9XGi4IBbXsRXKQTlclp-lsePrPf4nfrfWa_xW8RSzQni3Qiu-wbxs1utzBZNs7BajFyOAwLm2Nimth8q5lrOBwN9y3HxjfZTRxu0WI3WYuWw5lbObIM16rlaOOyDScuy8S0Fr0-pudksRytNv7GbDTbLSejxWTfmI1mu-VktJjsO3SG7-pzNsq255RHZ3lse0JlzHxQuAwW709iWky7s4Pn9zs6deqXsqgzCi_fo9eg8Bw8qsXfGhZ2DsvqbFtWOA4GRSwRnC7SiehlPF3EEsnTIp1oFpvdymUxLjaW5Wjj8kwsk91iOBiNFibXxLUcTMQSpekinejVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2W9R_fIjhai5ZbOaK1WqumE1WCQAAAAAAAABgCXPmTQAAAABOg9mtlrvVcgEk_ix1gUEAAAAAAAB2MeOt1TZJAlmKGz-eKJPT9Lc8fGa_xe_W-8x-i9_KABJuosybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame A628 43 B
182 B 301ms
97ms Image
image/gif 2600:1f18:612b:4200:b61c:5ded:72b6:ee33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7c-0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHHDehzRaU3WLB2i0Xs91gsZksNrvZZDhZjIawcRPabEHZLRas3XIx2w0Wk8lothuMRsPdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUR8K5LJ6H6fQy-wMA4EEBBABAAIMEoID3tATg42zmBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBqEC0iBEAAABAbvWm6NGkTqgsqgAACNKtAK4AAAL-2PQgIMIAAAAGxhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5pQURR7WtDIzIzaLyAAwNovIAAAm7oBALwJwAWdQc5mk9VsdQqxG84Gu8lgOJsdAAAAwN3___-_HkgYN7vdwmTZOAerxcjhMCxsjolpYvOtZq7hcDTcHnyzWSw3dsFYX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgw5dj4JruJwy1a7CZr0XI4cytHluFatRxtXLbhxGWZmNai18f0nCyWo9XGi4IBbXsRXKQTlclp-lsePrPf4nfrfWa_xW8RSzQni3Qiu-wbxs1utzBZNs7BajFyOAwLm2Nimth8q5lrOBwN9y3HxjfZTRxu0WI3WYuWw5lbObIM16rlaOOyDScuy8S0Fr0-pudksRytNv7GbDTbLSejxWTfmI1mu-VktJjsO3SG7-pzNsq255RHZ3lse0JlzHxQuAwW709iWky7s4Pn9zs6deqXsqgzCi_fo9eg8Bw8qsXfGhZ2DsvqbFtWOA4GRSwRnC7SiehlPF3EEsnTIp1oFpvdymUxLjaW5Wjj8kwsk91iOBiNFibXxLUcTMQSpekinejVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2W9R_fIjhai5ZbOaK1WqumE1WCQAAAAAAAABgCXPmTQAAAABOg9mtlrvVcgEk_ix1gUEAAAAAAAB2MeOt1TZJAlmKGz-eKJPT9Lc8fGa_xe_W-8x-i9_KABJuosybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b61c:5ded:72b6:ee33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame A628
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&

0
98 B

30ms
15ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7c-0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHHDehzRaU3WLB2i0Xs91gsZksNrvZZDhZjIawcRPabEHZLRas3XIx2w0Wk8lothuMRsPdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUR8K5LJ6H6fQy-wMA4EEBBABAAIMEoID3tATg42zmBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBqEC0iBEAAABAbvWm6NGkTqgsqgAACNKtAK4AAAL-2PQgIMIAAAAGxhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5pQURR7WtDIzIzaLyAAwNovIAAAm7oBALwJwAWdQc5mk9VsdQqxG84Gu8lgOJsdAAAAwN3___-_HkgYN7vdwmTZOAerxcjhMCxsjolpYvOtZq7hcDTcHnyzWSw3dsFYX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgw5dj4JruJwy1a7CZr0XI4cytHluFatRxtXLbhxGWZmNai18f0nCyWo9XGi4IBbXsRXKQTlclp-lsePrPf4nfrfWa_xW8RSzQni3Qiu-wbxs1utzBZNs7BajFyOAwLm2Nimth8q5lrOBwN9y3HxjfZTRxu0WI3WYuWw5lbObIM16rlaOOyDScuy8S0Fr0-pudksRytNv7GbDTbLSejxWTfmI1mu-VktJjsO3SG7-pzNsq255RHZ3lse0JlzHxQuAwW709iWky7s4Pn9zs6deqXsqgzCi_fo9eg8Bw8qsXfGhZ2DsvqbFtWOA4GRSwRnC7SiehlPF3EEsnTIp1oFpvdymUxLjaW5Wjj8kwsk91iOBiNFibXxLUcTMQSpekinejVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2W9R_fIjhai5ZbOaK1WqumE1WCQAAAAAAAABgCXPmTQAAAABOg9mtlrvVcgEk_ix1gUEAAAAAAAB2MeOt1TZJAlmKGz-eKJPT9Lc8fGa_xe_W-8x-i9_KABJuosybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16391

Redirect headers

Date: Wed, 09 Mar 2022 02:20:13 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 91
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame A628 43 B
235 B 378ms
104ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7c-0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHHDehzRaU3WLB2i0Xs91gsZksNrvZZDhZjIawcRPabEHZLRas3XIx2w0Wk8lothuMRsPdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUR8K5LJ6H6fQy-wMA4EEBBABAAIMEoID3tATg42zmBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBqEC0iBEAAABAbvWm6NGkTqgsqgAACNKtAK4AAAL-2PQgIMIAAAAGxhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5pQURR7WtDIzIzaLyAAwNovIAAAm7oBALwJwAWdQc5mk9VsdQqxG84Gu8lgOJsdAAAAwN3___-_HkgYN7vdwmTZOAerxcjhMCxsjolpYvOtZq7hcDTcHnyzWSw3dsFYX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgw5dj4JruJwy1a7CZr0XI4cytHluFatRxtXLbhxGWZmNai18f0nCyWo9XGi4IBbXsRXKQTlclp-lsePrPf4nfrfWa_xW8RSzQni3Qiu-wbxs1utzBZNs7BajFyOAwLm2Nimth8q5lrOBwN9y3HxjfZTRxu0WI3WYuWw5lbObIM16rlaOOyDScuy8S0Fr0-pudksRytNv7GbDTbLSejxWTfmI1mu-VktJjsO3SG7-pzNsq255RHZ3lse0JlzHxQuAwW709iWky7s4Pn9zs6deqXsqgzCi_fo9eg8Bw8qsXfGhZ2DsvqbFtWOA4GRSwRnC7SiehlPF3EEsnTIp1oFpvdymUxLjaW5Wjj8kwsk91iOBiNFibXxLUcTMQSpekinejVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2W9R_fIjhai5ZbOaK1WqumE1WCQAAAAAAAABgCXPmTQAAAABOg9mtlrvVcgEk_ix1gUEAAAAAAAB2MeOt1TZJAlmKGz-eKJPT9Lc8fGa_xe_W-8x-i9_KABJuosybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame A628
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XJU3n4BE2uE00MPcRciZ9bHSYk3b5zZSq5SUkQo-~A

0
98 B

40ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XJU3n4BE2uE00MPcRciZ9bHSYk3b5zZSq5SUkQo-~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7c-0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHHDehzRaU3WLB2i0Xs91gsZksNrvZZDhZjIawcRPabEHZLRas3XIx2w0Wk8lothuMRsPdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUR8K5LJ6H6fQy-wMA4EEBBABAAIMEoID3tATg42zmBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBqEC0iBEAAABAbvWm6NGkTqgsqgAACNKtAK4AAAL-2PQgIMIAAAAGxhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5pQURR7WtDIzIzaLyAAwNovIAAAm7oBALwJwAWdQc5mk9VsdQqxG84Gu8lgOJsdAAAAwN3___-_HkgYN7vdwmTZOAerxcjhMCxsjolpYvOtZq7hcDTcHnyzWSw3dsFYX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgw5dj4JruJwy1a7CZr0XI4cytHluFatRxtXLbhxGWZmNai18f0nCyWo9XGi4IBbXsRXKQTlclp-lsePrPf4nfrfWa_xW8RSzQni3Qiu-wbxs1utzBZNs7BajFyOAwLm2Nimth8q5lrOBwN9y3HxjfZTRxu0WI3WYuWw5lbObIM16rlaOOyDScuy8S0Fr0-pudksRytNv7GbDTbLSejxWTfmI1mu-VktJjsO3SG7-pzNsq255RHZ3lse0JlzHxQuAwW709iWky7s4Pn9zs6deqXsqgzCi_fo9eg8Bw8qsXfGhZ2DsvqbFtWOA4GRSwRnC7SiehlPF3EEsnTIp1oFpvdymUxLjaW5Wjj8kwsk91iOBiNFibXxLUcTMQSpekinejVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2W9R_fIjhai5ZbOaK1WqumE1WCQAAAAAAAABgCXPmTQAAAABOg9mtlrvVcgEk_ix1gUEAAAAAAAB2MeOt1TZJAlmKGz-eKJPT9Lc8fGa_xe_W-8x-i9_KABJuosybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17284

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XJU3n4BE2uE00MPcRciZ9bHSYk3b5zZSq5SUkQo-~A
date: Wed, 09 Mar 2022 02:20:13 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5C34 0
0 75ms
74ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxnTC7Nh9Jf9kFSA6rOqx06tCJbTt94qm-4It943LVJlog7iLA9EEODLgZl8IOxK2fnPgoATcfRVODBMDoXnenP8wxbCom0oQLvLhaDMx2Yp4KzZZ8IhnH4yf2TmZvCngUDcvAXDVPUKbYYvvZKhI60h-A5gkeoJ2w9p5Kl2aLKnv8Kh25TSJbJa48b77-l2iMvw1noJKY6sc_xPB_SkitSlVi4UyxF5D7ToOu_qRgqra-YzzuWZuz01y2xs2i-zxuxvjY32iBNZJQpLZdaqjVKgi-bbQ0SZLtwEGwKn7GTEmipq_MqO9idg8RrxB2GJbWc4DVtpycF0asVpbsNzSQv6NwieI&sig=Cg0ArKJSzNOolcqymtHsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK a9floorcheck.js Show response
s3.amazonaws.com/script-tags/ Frame 5C34 3 KB
3 KB 106ms
105ms Script
application/javascript 52.217.11.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.11.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 00fcdbd28afe964a4bec63932d5f6348abd89e19ed1f990723a6ab9ca8701cc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:14 GMT
Last-Modified: Wed, 03 Apr 2019 18:47:26 GMT
Server: AmazonS3
x-amz-request-id: DV3BW5SDRBVQ1WM1
ETag: "2d4b0d964f2c5927dffbf65da033636a"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2655
x-amz-id-2: A2F4DcwQ4c8NwgwZhc0C9RR5OzK7zsGaw135qYi/Wvg5HbFFEoRllvfgbX7X/x33x/SDV8vKOSM=

GET
H/1.1 200
OK prebidpubs.js Show response
s3.amazonaws.com/script-tags/ Frame 5C34 311 KB
311 KB 108ms
107ms Script
application/javascript 52.217.11.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.11.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c771d688cb34399f9f33f7d6ccd2a3ec17a9bb758923d736a3d1942510e963a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:14 GMT
Last-Modified: Tue, 03 Aug 2021 21:19:14 GMT
Server: AmazonS3
x-amz-request-id: DV332JVDTK1MTREG
ETag: "5dbd5fb11fd60ffbccab312faa64a2fd"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 318400
x-amz-id-2: rbIzbUBaIv0gzfJcwSarI0Fp1MNlSivXPKcMZba+fuHkJt1EturcrPrAKzuCxSnPebd77K67Vgc=

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C34 124 KB
38 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 02:20:13 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7EFC 70 B
264 B 64ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75B0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHGjWhUEaE1YawG442k9liMtqNRovVaLcZgkZNKJQRYbUh7IajzWS2WAwHy91iuZwNphBhLJfJoBZIWGa_7yBo-FxuCKRF0-nwue71ErPf57nrfWa_xW_Xmf0Wv13jd_vVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2-1ent7_zd10-Lvfc5fucXabTy3JTnd7-tsvkdL3dK7fDabapTm9_x-E2PJw-u3vu8n1OD8vJZQcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQAojoRzWTwP0-ll9gcAwIMCCACAAAYJQAHvaQnAx9nMCQAAAAAAAAAAy____3_MAL3eggyAyHtOD8CDD8ADUUFqESMAAACA3OpN0aNJnVBZVAEAEKRbAVwBAAT8selBiIQBAAAMjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzShoij2tKCRmRm1X0AAgLVfQAAANnUDAHgTgAs6g5zNJqvZ6hRiN5wNdpPBcDY7AAAAgLv___9_PZAwbna7hcmycQ5Wi5HDYVjYHBPTxOZbzVzD4Wi4Pfhms1hu7IKxvglhmf2-g6DhcxnEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYcmx8k93E4RYtdpO1aDmcuZUjy3CtWo42Lttw4rJMTGvR62N6ThbL0WrjRcGAtr0ILtKJyuQ0_S0Pn9lv8bv1PrPf4reIJZqTRTqRXfYN42a3W5gsG-dgtRg5HIaFzTExTWy-1cw1HI6G-5Zj45vsJg63aLGbrEXL4cytHFmGa9VytHHZhhOXZWJai14f03OyWI5WG39jNprtlpPRYrJvzEaz3XIyWkz2HTrDd_U5G2Xbc8qjszy2PaEyZj4oXAaL9ycxLabd2cHz-x2dOvVLWdQZhZfv0WtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU40ts3EsrJ5bC7TYLkZDiYW02zjsBh3q83Is1xsJmKJ0nSRTvRqh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqbLeo_PsRwNZcsNnPFajVXzCarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwFhlhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 7EFC 43 B
182 B 270ms
97ms Image
image/gif 2600:1f18:612b:4200:b61c:5ded:72b6:ee33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75B0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHGjWhUEaE1YawG442k9liMtqNRovVaLcZgkZNKJQRYbUh7IajzWS2WAwHy91iuZwNphBhLJfJoBZIWGa_7yBo-FxuCKRF0-nwue71ErPf57nrfWa_xW_Xmf0Wv13jd_vVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2-1ent7_zd10-Lvfc5fucXabTy3JTnd7-tsvkdL3dK7fDabapTm9_x-E2PJw-u3vu8n1OD8vJZQcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQAojoRzWTwP0-ll9gcAwIMCCACAAAYJQAHvaQnAx9nMCQAAAAAAAAAAy____3_MAL3eggyAyHtOD8CDD8ADUUFqESMAAACA3OpN0aNJnVBZVAEAEKRbAVwBAAT8selBiIQBAAAMjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzShoij2tKCRmRm1X0AAgLVfQAAANnUDAHgTgAs6g5zNJqvZ6hRiN5wNdpPBcDY7AAAAgLv___9_PZAwbna7hcmycQ5Wi5HDYVjYHBPTxOZbzVzD4Wi4Pfhms1hu7IKxvglhmf2-g6DhcxnEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYcmx8k93E4RYtdpO1aDmcuZUjy3CtWo42Lttw4rJMTGvR62N6ThbL0WrjRcGAtr0ILtKJyuQ0_S0Pn9lv8bv1PrPf4reIJZqTRTqRXfYN42a3W5gsG-dgtRg5HIaFzTExTWy-1cw1HI6G-5Zj45vsJg63aLGbrEXL4cytHFmGa9VytHHZhhOXZWJai14f03OyWI5WG39jNprtlpPRYrJvzEaz3XIyWkz2HTrDd_U5G2Xbc8qjszy2PaEyZj4oXAaL9ycxLabd2cHz-x2dOvVLWdQZhZfv0WtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU40ts3EsrJ5bC7TYLkZDiYW02zjsBh3q83Is1xsJmKJ0nSRTvRqh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqbLeo_PsRwNZcsNnPFajVXzCarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwFhlhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b61c:5ded:72b6:ee33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 7EFC
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&

0
98 B

29ms
15ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75B0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHGjWhUEaE1YawG442k9liMtqNRovVaLcZgkZNKJQRYbUh7IajzWS2WAwHy91iuZwNphBhLJfJoBZIWGa_7yBo-FxuCKRF0-nwue71ErPf57nrfWa_xW_Xmf0Wv13jd_vVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2-1ent7_zd10-Lvfc5fucXabTy3JTnd7-tsvkdL3dK7fDabapTm9_x-E2PJw-u3vu8n1OD8vJZQcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQAojoRzWTwP0-ll9gcAwIMCCACAAAYJQAHvaQnAx9nMCQAAAAAAAAAAy____3_MAL3eggyAyHtOD8CDD8ADUUFqESMAAACA3OpN0aNJnVBZVAEAEKRbAVwBAAT8selBiIQBAAAMjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzShoij2tKCRmRm1X0AAgLVfQAAANnUDAHgTgAs6g5zNJqvZ6hRiN5wNdpPBcDY7AAAAgLv___9_PZAwbna7hcmycQ5Wi5HDYVjYHBPTxOZbzVzD4Wi4Pfhms1hu7IKxvglhmf2-g6DhcxnEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYcmx8k93E4RYtdpO1aDmcuZUjy3CtWo42Lttw4rJMTGvR62N6ThbL0WrjRcGAtr0ILtKJyuQ0_S0Pn9lv8bv1PrPf4reIJZqTRTqRXfYN42a3W5gsG-dgtRg5HIaFzTExTWy-1cw1HI6G-5Zj45vsJg63aLGbrEXL4cytHFmGa9VytHHZhhOXZWJai14f03OyWI5WG39jNprtlpPRYrJvzEaz3XIyWkz2HTrDd_U5G2Xbc8qjszy2PaEyZj4oXAaL9ycxLabd2cHz-x2dOvVLWdQZhZfv0WtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU40ts3EsrJ5bC7TYLkZDiYW02zjsBh3q83Is1xsJmKJ0nSRTvRqh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqbLeo_PsRwNZcsNnPFajVXzCarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwFhlhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16391

Redirect headers

Date: Wed, 09 Mar 2022 02:20:13 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 90
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 7EFC 43 B
235 B 370ms
108ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75B0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHGjWhUEaE1YawG442k9liMtqNRovVaLcZgkZNKJQRYbUh7IajzWS2WAwHy91iuZwNphBhLJfJoBZIWGa_7yBo-FxuCKRF0-nwue71ErPf57nrfWa_xW_Xmf0Wv13jd_vVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2-1ent7_zd10-Lvfc5fucXabTy3JTnd7-tsvkdL3dK7fDabapTm9_x-E2PJw-u3vu8n1OD8vJZQcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQAojoRzWTwP0-ll9gcAwIMCCACAAAYJQAHvaQnAx9nMCQAAAAAAAAAAy____3_MAL3eggyAyHtOD8CDD8ADUUFqESMAAACA3OpN0aNJnVBZVAEAEKRbAVwBAAT8selBiIQBAAAMjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzShoij2tKCRmRm1X0AAgLVfQAAANnUDAHgTgAs6g5zNJqvZ6hRiN5wNdpPBcDY7AAAAgLv___9_PZAwbna7hcmycQ5Wi5HDYVjYHBPTxOZbzVzD4Wi4Pfhms1hu7IKxvglhmf2-g6DhcxnEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYcmx8k93E4RYtdpO1aDmcuZUjy3CtWo42Lttw4rJMTGvR62N6ThbL0WrjRcGAtr0ILtKJyuQ0_S0Pn9lv8bv1PrPf4reIJZqTRTqRXfYN42a3W5gsG-dgtRg5HIaFzTExTWy-1cw1HI6G-5Zj45vsJg63aLGbrEXL4cytHFmGa9VytHHZhhOXZWJai14f03OyWI5WG39jNprtlpPRYrJvzEaz3XIyWkz2HTrDd_U5G2Xbc8qjszy2PaEyZj4oXAaL9ycxLabd2cHz-x2dOvVLWdQZhZfv0WtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU40ts3EsrJ5bC7TYLkZDiYW02zjsBh3q83Is1xsJmKJ0nSRTvRqh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqbLeo_PsRwNZcsNnPFajVXzCarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwFhlhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 7EFC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XJU3n4BE2uE00MPcRciZ9bHSYk3b5zZSq5SUkQo-~A

0
98 B

35ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XJU3n4BE2uE00MPcRciZ9bHSYk3b5zZSq5SUkQo-~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75B0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHGjWhUEaE1YawG442k9liMtqNRovVaLcZgkZNKJQRYbUh7IajzWS2WAwHy91iuZwNphBhLJfJoBZIWGa_7yBo-FxuCKRF0-nwue71ErPf57nrfWa_xW_Xmf0Wv13jd_vVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2-1ent7_zd10-Lvfc5fucXabTy3JTnd7-tsvkdL3dK7fDabapTm9_x-E2PJw-u3vu8n1OD8vJZQcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQAojoRzWTwP0-ll9gcAwIMCCACAAAYJQAHvaQnAx9nMCQAAAAAAAAAAy____3_MAL3eggyAyHtOD8CDD8ADUUFqESMAAACA3OpN0aNJnVBZVAEAEKRbAVwBAAT8selBiIQBAAAMjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzShoij2tKCRmRm1X0AAgLVfQAAANnUDAHgTgAs6g5zNJqvZ6hRiN5wNdpPBcDY7AAAAgLv___9_PZAwbna7hcmycQ5Wi5HDYVjYHBPTxOZbzVzD4Wi4Pfhms1hu7IKxvglhmf2-g6DhcxnEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYcmx8k93E4RYtdpO1aDmcuZUjy3CtWo42Lttw4rJMTGvR62N6ThbL0WrjRcGAtr0ILtKJyuQ0_S0Pn9lv8bv1PrPf4reIJZqTRTqRXfYN42a3W5gsG-dgtRg5HIaFzTExTWy-1cw1HI6G-5Zj45vsJg63aLGbrEXL4cytHFmGa9VytHHZhhOXZWJai14f03OyWI5WG39jNprtlpPRYrJvzEaz3XIyWkz2HTrDd_U5G2Xbc8qjszy2PaEyZj4oXAaL9ycxLabd2cHz-x2dOvVLWdQZhZfv0WtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU40ts3EsrJ5bC7TYLkZDiYW02zjsBh3q83Is1xsJmKJ0nSRTvRqh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqbLeo_PsRwNZcsNnPFajVXzCarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwFhlhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17284

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XJU3n4BE2uE00MPcRciZ9bHSYk3b5zZSq5SUkQo-~A
date: Wed, 09 Mar 2022 02:20:13 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 1316 43 B
183 B 269ms
96ms Image
image/gif 2600:1f18:612b:4200:b61c:5ded:72b6:ee33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V75B0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHGjWhUEaE1YawG442k9liMtqNRovVaLcZgkZNKJQRYbUh7IajzWS2WAwHy91iuZwNphBhLJfJoBZIWGa_7yBo-FxuCKRF0-nwue71ErPf57nrfWa_xW_Xmf0Wv13jd_vVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2-1ent7_zd10-Lvfc5fucXabTy3JTnd7-tsvkdL3dK7fDabapTm9_x-E2PJw-u3vu8n1OD8vJZQcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQAojoRzWTwP0-ll9gcAwIMCCACAAAYJQAHvaQnAx9nMCQAAAAAAAAAAy____3_MAL3eggyAyHtOD8CDD8ADUUFqESMAAACA3OpN0aNJnVBZVAEAEKRbAVwBAAT8selBiIQBAAAMjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzShoij2tKCRmRm1X0AAgLVfQAAANnUDAHgTgAs6g5zNJqvZ6hRiN5wNdpPBcDY7AAAAgLv___9_PZAwbna7hcmycQ5Wi5HDYVjYHBPTxOZbzVzD4Wi4Pfhms1hu7IKxvglhmf2-g6DhcxnEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYcmx8k93E4RYtdpO1aDmcuZUjy3CtWo42Lttw4rJMTGvR62N6ThbL0WrjRcGAtr0ILtKJyuQ0_S0Pn9lv8bv1PrPf4reIJZqTRTqRXfYN42a3W5gsG-dgtRg5HIaFzTExTWy-1cw1HI6G-5Zj45vsJg63aLGbrEXL4cytHFmGa9VytHHZhhOXZWJai14f03OyWI5WG39jNprtlpPRYrJvzEaz3XIyWkz2HTrDd_U5G2Xbc8qjszy2PaEyZj4oXAaL9ycxLabd2cHz-x2dOvVLWdQZhZfv0WtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU40ts3EsrJ5bC7TYLkZDiYW02zjsBh3q83Is1xsJmKJ0nSRTvRqh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqbLeo_PsRwNZcsNnPFajVXzCarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwFhlhw!&cmcv=&pix=undefined&cb=1646792413667&uv=3137&tms=1646792413667&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=5BB2D05C078432612474415473&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b61c:5ded:72b6:ee33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1316 70 B
265 B 62ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V75B0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHGjWhUEaE1YawG442k9liMtqNRovVaLcZgkZNKJQRYbUh7IajzWS2WAwHy91iuZwNphBhLJfJoBZIWGa_7yBo-FxuCKRF0-nwue71ErPf57nrfWa_xW_Xmf0Wv13jd_vVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2-1ent7_zd10-Lvfc5fucXabTy3JTnd7-tsvkdL3dK7fDabapTm9_x-E2PJw-u3vu8n1OD8vJZQcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQAojoRzWTwP0-ll9gcAwIMCCACAAAYJQAHvaQnAx9nMCQAAAAAAAAAAy____3_MAL3eggyAyHtOD8CDD8ADUUFqESMAAACA3OpN0aNJnVBZVAEAEKRbAVwBAAT8selBiIQBAAAMjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzShoij2tKCRmRm1X0AAgLVfQAAANnUDAHgTgAs6g5zNJqvZ6hRiN5wNdpPBcDY7AAAAgLv___9_PZAwbna7hcmycQ5Wi5HDYVjYHBPTxOZbzVzD4Wi4Pfhms1hu7IKxvglhmf2-g6DhcxnEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYcmx8k93E4RYtdpO1aDmcuZUjy3CtWo42Lttw4rJMTGvR62N6ThbL0WrjRcGAtr0ILtKJyuQ0_S0Pn9lv8bv1PrPf4reIJZqTRTqRXfYN42a3W5gsG-dgtRg5HIaFzTExTWy-1cw1HI6G-5Zj45vsJg63aLGbrEXL4cytHFmGa9VytHHZhhOXZWJai14f03OyWI5WG39jNprtlpPRYrJvzEaz3XIyWkz2HTrDd_U5G2Xbc8qjszy2PaEyZj4oXAaL9ycxLabd2cHz-x2dOvVLWdQZhZfv0WtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU40ts3EsrJ5bC7TYLkZDiYW02zjsBh3q83Is1xsJmKJ0nSRTvRqh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqbLeo_PsRwNZcsNnPFajVXzCarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwFhlhw!&cmcv=&pix=undefined&cb=1646792413667&uv=3137&tms=1646792413667&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=5BB2D05C078432612474415473&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 1316
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&

0
98 B

29ms
14ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V75B0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHGjWhUEaE1YawG442k9liMtqNRovVaLcZgkZNKJQRYbUh7IajzWS2WAwHy91iuZwNphBhLJfJoBZIWGa_7yBo-FxuCKRF0-nwue71ErPf57nrfWa_xW_Xmf0Wv13jd_vVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2-1ent7_zd10-Lvfc5fucXabTy3JTnd7-tsvkdL3dK7fDabapTm9_x-E2PJw-u3vu8n1OD8vJZQcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQAojoRzWTwP0-ll9gcAwIMCCACAAAYJQAHvaQnAx9nMCQAAAAAAAAAAy____3_MAL3eggyAyHtOD8CDD8ADUUFqESMAAACA3OpN0aNJnVBZVAEAEKRbAVwBAAT8selBiIQBAAAMjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzShoij2tKCRmRm1X0AAgLVfQAAANnUDAHgTgAs6g5zNJqvZ6hRiN5wNdpPBcDY7AAAAgLv___9_PZAwbna7hcmycQ5Wi5HDYVjYHBPTxOZbzVzD4Wi4Pfhms1hu7IKxvglhmf2-g6DhcxnEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYcmx8k93E4RYtdpO1aDmcuZUjy3CtWo42Lttw4rJMTGvR62N6ThbL0WrjRcGAtr0ILtKJyuQ0_S0Pn9lv8bv1PrPf4reIJZqTRTqRXfYN42a3W5gsG-dgtRg5HIaFzTExTWy-1cw1HI6G-5Zj45vsJg63aLGbrEXL4cytHFmGa9VytHHZhhOXZWJai14f03OyWI5WG39jNprtlpPRYrJvzEaz3XIyWkz2HTrDd_U5G2Xbc8qjszy2PaEyZj4oXAaL9ycxLabd2cHz-x2dOvVLWdQZhZfv0WtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU40ts3EsrJ5bC7TYLkZDiYW02zjsBh3q83Is1xsJmKJ0nSRTvRqh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqbLeo_PsRwNZcsNnPFajVXzCarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwFhlhw!&cmcv=&pix=undefined&cb=1646792413667&uv=3137&tms=1646792413667&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=5BB2D05C078432612474415473&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16391

Redirect headers

Date: Wed, 09 Mar 2022 02:20:13 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=73ff6a16-9f4f-11ec-97a3-18c6427b0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 72
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 1316 43 B
235 B 370ms
108ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V75B0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHGjWhUEaE1YawG442k9liMtqNRovVaLcZgkZNKJQRYbUh7IajzWS2WAwHy91iuZwNphBhLJfJoBZIWGa_7yBo-FxuCKRF0-nwue71ErPf57nrfWa_xW_Xmf0Wv13jd_vVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2-1ent7_zd10-Lvfc5fucXabTy3JTnd7-tsvkdL3dK7fDabapTm9_x-E2PJw-u3vu8n1OD8vJZQcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQAojoRzWTwP0-ll9gcAwIMCCACAAAYJQAHvaQnAx9nMCQAAAAAAAAAAy____3_MAL3eggyAyHtOD8CDD8ADUUFqESMAAACA3OpN0aNJnVBZVAEAEKRbAVwBAAT8selBiIQBAAAMjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzShoij2tKCRmRm1X0AAgLVfQAAANnUDAHgTgAs6g5zNJqvZ6hRiN5wNdpPBcDY7AAAAgLv___9_PZAwbna7hcmycQ5Wi5HDYVjYHBPTxOZbzVzD4Wi4Pfhms1hu7IKxvglhmf2-g6DhcxnEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYcmx8k93E4RYtdpO1aDmcuZUjy3CtWo42Lttw4rJMTGvR62N6ThbL0WrjRcGAtr0ILtKJyuQ0_S0Pn9lv8bv1PrPf4reIJZqTRTqRXfYN42a3W5gsG-dgtRg5HIaFzTExTWy-1cw1HI6G-5Zj45vsJg63aLGbrEXL4cytHFmGa9VytHHZhhOXZWJai14f03OyWI5WG39jNprtlpPRYrJvzEaz3XIyWkz2HTrDd_U5G2Xbc8qjszy2PaEyZj4oXAaL9ycxLabd2cHz-x2dOvVLWdQZhZfv0WtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU40ts3EsrJ5bC7TYLkZDiYW02zjsBh3q83Is1xsJmKJ0nSRTvRqh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqbLeo_PsRwNZcsNnPFajVXzCarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwFhlhw!&cmcv=&pix=undefined&cb=1646792413667&uv=3137&tms=1646792413667&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=5BB2D05C078432612474415473&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 76D6 4 KB
2 KB 85ms
39ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7e7c9a58c561d93f29fab3943724cefdd1bb12a6183e2b449a56236f8cc783b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1568
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 06 Mar 2022 16:07:43 GMT
expires: Mon, 06 Mar 2023 16:07:43 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
content-type: text/html
age: 209550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 30D4 0
571 B 181ms
81ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyPKDaA_LKfcNOfwEEiby0nc0KuKlVZ-4XjSfPMKs-A2x77j5LlabLGqE7WnRFfrTnXAWqCzjmSq69nccgu8bVyuwcSlzy_Y_0dmwj3UViX_KQ1UAHHwbTl0iQKWgCo2cKPvC_sIQM2MuITabRwzj9wph0mk2bvyMMc1kWGw3MNo0o6Pqo7TA2A2oD3deoC8dkpTkDtqxMV0qXfrBanp7hbjTjAaiJv6cF6noTbf_-rmcggW7PVIsjx9sSLyLO_5eI9D7SgagaZWMf52EBZGAdUZTNx7uWr0Z7x6GR2AeTiUugUpDV7v9vkZS9knOcP_qkpXjTDvnnkh3l9o3vqKWNjf5wKqA6yzJYrNdx0Mo4871D8jRNcemK_Gnh3mvTODd6cIy0_zZPgbvgpKCk3KB_juqgHrlVpgIjcJXERtCiJyKE-SXe6v0IcfzF03RzwP654z94FLMT6t8_8o6ap6sK7MyFCfy4aoslw-PcDGb8nQW6MnQRUSDWfI09850S7OE2ubF8A1yY21QXm7ZQdhqmpjp2wFsnePEINOVX1GPkGUBeDrI99zhFJVpg2ohyu1bWh8sRRUGp-nvz47Tih4WhmKO7gAR7pLknLXdSChSl6g2QHBkmbjBtdpcbVZI5oj0BpEQPDxCnxDENgfGqgJFC2J9GQQtSUcWip_ysiFFT67QwFaYYpW_7vQdfCbM2s7xmXBAekNDc8ApNZd34nUKOxVbCAT2X0lyoFz6q5BGijbGOC44fPkTMrgzwRG_U3FRTUuVcJaK8hu7mXwNa1NFy2Po4eUrthrFk-tbZVXnoyl8mDPDFUKsdjRBZ7ZR3lXmkWA7xoWSmsQQHWH_xcrYxSxl7h1STmyygT68rDEEAulEMrb1Hn8YIeTq-SK3QnUQlq86xVD0BF2fBpETNwoG2lGec8naOsvZHlBmtlkiQVvd3q2ej9g9Gxh3f7DybCL6uwVrRs8fTprX6nKjVlMnXbpumWHnPLywsKho6VLAYO9JhgbiApKMgO8lXUTTeljcr99n4L3SvGmThGFXyPIIzzb5Y8qZp49qY007DBv70dYkYnrBk-wCNyMH-57VYW1dXNqdq23zGhnnzuZ6PJm3wKAnukWxWk-Wmra5LOuTeMt0GOuc7_E52H8S3RR9ASQUCjr3sDqF3fYJ6_WVQVEaq3Q8yXFoMLyHjOFrb1dXzaJyKUiwX0mzz2dEOvBp_PNHBmqETbb72EIhZYXdmtoQ06x3o_n5ooJBOgQTm5QaJZXvYnhdh6rPnG-hE5wOFN1MKTW7uSi5789vq4zvwxanG789HHIxAgQ9hR3N8mo4&sai=AMfl-YR_BYI3UsG1oa31xyWQ5wo6UK2S8ozQhwvE3VmZEzwjXhX1vss9Kv6aG2gyH6-G_lVJAecCyfnrDP1a7tPSAjdeG_At1KfzbDKII0pSh1UJgMI8R0Jh4a36aFWAmMNqF1u1jSdzZgfc-ghqR48I-szUPrDXGY7HDl2Jyc0bpDU0RgQ2xuIZIv9X4UkkERWuTB-TqqP9JYZhDZuHanAMHQ&sig=Cg0ArKJSzF_6YlITPn_iEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=305&cbvp=1&cstd=302&cisv=r20220303.91333&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 09 Mar 2022 02:20:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 30D4
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine___330033534&atb_dpuid=di_&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

10ms
7ms

Image
image/gif

3.124.122.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 3.124.122.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-122-159.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:13 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Wed, 09 Mar 2022 02:20:13 GMT
Last-Modified: Wed, 09 Mar 2022 02:20:13 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B959 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Mar 2022 17:11:58 GMT
expires: Wed, 08 Mar 2023 17:11:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 32895
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C85B 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Mar 2022 19:45:56 GMT
expires: Wed, 08 Mar 2023 19:45:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 23657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A7A0 783 B
536 B 48ms
48ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec386a4ca87d13d637bf50f784966a8a9bd9dceeb0a1752b22b723abe1fa8d38

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yd7935mGQ3Ntu4o1rSaQGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 09 Mar 2022 02:20:13 GMT
date: Wed, 09 Mar 2022 02:20:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Yd7935mGQ3Ntu4o1rSaQGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 67A8 35 B
463 B 33ms
8ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENUjHCPZ5e_oy83KRjKH4lU&google_cver=1&google_push=AYg5qPIeR4gldwOpGWCIaMFwh0thWb-ZnU0j_4CvLltY0pCRdpcmNC3uszaOiD4q5Tt3BZJ_BnlAfgbzSh84pGMU1CEqWc_ceqAL

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 67A8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEF3rBqSXtzKCXzzwaoz_2is&google_cver=1&google_push=AYg5qPI4U75Tf-EY1UBRQDAAKqSylP9-W9BoRzq8uh4FkiNFBf7PdQ4ydxGjae3nysFB7zubkAWtDoB8hpDOjtPP...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI4U75Tf-EY1UBRQDAAKqSylP9-W9BoRzq8uh4FkiNFBf7PdQ4ydxGjae3nysFB7zubkAWtDoB8hpDOjtPPvO3qnbExwDW9

170 B
188 B

49ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI4U75Tf-EY1UBRQDAAKqSylP9-W9BoRzq8uh4FkiNFBf7PdQ4ydxGjae3nysFB7zubkAWtDoB8hpDOjtPPvO3qnbExwDW9

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 09 Mar 2022 02:20:13 GMT
Server: MT3 4245 b916d47 master cdg-pixel-x30 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI4U75Tf-EY1UBRQDAAKqSylP9-W9BoRzq8uh4FkiNFBf7PdQ4ydxGjae3nysFB7zubkAWtDoB8hpDOjtPPvO3qnbExwDW9
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 09 Mar 2022 02:20:12 GMT

GET 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 67A8 0
0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 67A8 0
173 B 57ms
18ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAe-eyF4eNDpOXf3EZ_AOpY&google_cver=1&google_push=AYg5qPJnh4wSTxu-TOj7MksL2Ryq9zf1pOGxdp45hoJM2DdY8LP_KMC5fuG1FpmKnvjsnPL71Mbs577FEgC6rnO0F708ifoedGEs
Requested by: Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 67A8
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOR7QAop1q3zc-KBZPJ_ORQ&google_cver=1&google_push=AYg5qPImAuvgA5nB8HG9Y1bmMQb0pc9VCOMQyQriR-IMlAxsNIyjUBk7PI06bqNv4hlVhiyxB3UDHesgVeW4ZfiQ...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZwEJQRb0Rh6zEu9gITRJTA2&google_push=AYg5qPImAuvgA5nB8HG9Y1bmMQb0pc9VCOMQyQriR-IMlAxsNIyjUBk7PI06bqNv4hlVhiyxB3UDHesgVeW4ZfiQtwiA_rcuyWA

170 B
188 B

49ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZwEJQRb0Rh6zEu9gITRJTA2&google_push=AYg5qPImAuvgA5nB8HG9Y1bmMQb0pc9VCOMQyQriR-IMlAxsNIyjUBk7PI06bqNv4hlVhiyxB3UDHesgVeW4ZfiQtwiA_rcuyWA

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 09 Mar 2022 02:20:13 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZwEJQRb0Rh6zEu9gITRJTA2&google_push=AYg5qPImAuvgA5nB8HG9Y1bmMQb0pc9VCOMQyQriR-IMlAxsNIyjUBk7PI06bqNv4hlVhiyxB3UDHesgVeW4ZfiQtwiA_rcuyWA
x-host: tde-deliveryengine-production-6b8798558c-rkz9s
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 67A8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEARxa-pggEzcOJT-jDTz8B8&google_cver=1&google_push=AYg5qPLldaz80L9SUQ8GMM0f7w_d68bCw8QI4MX22HfLLc1mQD01Hbk5Wf4B1YQCQnYbpogSvEV3Bc-GrcF5TyUJidmZC9y...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLldaz80L9SUQ8GMM0f7w_d68bCw8QI4MX22HfLLc1mQD01Hbk5Wf4B1YQCQnYbpogSvEV3Bc-GrcF5TyUJidmZC9ypdqCJ&google_hm=MTUyOTYzNTE5MDQzOTc3OD...

170 B
188 B

50ms
50ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLldaz80L9SUQ8GMM0f7w_d68bCw8QI4MX22HfLLc1mQD01Hbk5Wf4B1YQCQnYbpogSvEV3Bc-GrcF5TyUJidmZC9ypdqCJ&google_hm=MTUyOTYzNTE5MDQzOTc3ODEzMQ%3D%3D

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 09 Mar 2022 02:20:13 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLldaz80L9SUQ8GMM0f7w_d68bCw8QI4MX22HfLLc1mQD01Hbk5Wf4B1YQCQnYbpogSvEV3Bc-GrcF5TyUJidmZC9ypdqCJ&google_hm=MTUyOTYzNTE5MDQzOTc3ODEzMQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 67A8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELOjYgtoXkf-ohS1YX9pAcE&google_cver=1&google_push=AYg5qPKWLq36LcmqFbGYVNER5bFHG26cyESAJSFRKg2XaF0j7D-A9vaurHmV4r_WOqiHKfIFvD...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jS29TUlFwRTJ1RW1kcWRfQzYwck9KZ1VtcmFCNVppRH5B&google_push=AYg5qPKWLq36LcmqFbGYVNER5bFHG26cyESAJSFRKg2XaF0j7D-A9vaur...

170 B
188 B

52ms
48ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jS29TUlFwRTJ1RW1kcWRfQzYwck9KZ1VtcmFCNVppRH5B&google_push=AYg5qPKWLq36LcmqFbGYVNER5bFHG26cyESAJSFRKg2XaF0j7D-A9vaurHmV4r_WOqiHKfIFvDxkccKItXoqXmf_Vo4R292fSURgGQ

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jS29TUlFwRTJ1RW1kcWRfQzYwck9KZ1VtcmFCNVppRH5B&google_push=AYg5qPKWLq36LcmqFbGYVNER5bFHG26cyESAJSFRKg2XaF0j7D-A9vaurHmV4r_WOqiHKfIFvDxkccKItXoqXmf_Vo4R292fSURgGQ
date: Wed, 09 Mar 2022 02:20:13 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 67A8 0
13 B 48ms
47ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDhnQIrt0aEs-e4BOV6Gs3aXW4ObVuMtQ_iJKTl_RuimcjpJLzRgpHoOfWRCwms0wp29dMnQ

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F295 13 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Mar 2022 19:45:56 GMT
expires: Wed, 08 Mar 2023 19:45:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 23657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 786A 783 B
535 B 50ms
50ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

deb60698346c9113053d9c80c4887eb5d972354ce1473cdde2d4bbc5795e93e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s4O6fuo3QDrnw1xEKN/2yQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 09 Mar 2022 02:20:13 GMT
date: Wed, 09 Mar 2022 02:20:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-s4O6fuo3QDrnw1xEKN/2yQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6D3 0
0 73ms
73ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhTLRIeJG6jmTkort9K6ZXCcg2Nawh60P96pVzTM9Q8LLdIf0V2R9BIX-mOuutcWdIV8WTCKdIeoY52IFjhRHOxxfLATt17VDX1qRkUY2qhBrSaMohYJPLec9Of3DdgjuvXQySJVfxbiuuChcWQTq4r6LuwvvA_5e7gY5P27s7KceoYuau-xfFOpt4yGSLXQPNB60UCkQnTt5amF70WurBQwKyD4bRLYrm304HJ1oXeboz6uyFwd8Z3cvSKmmz58jB9h4RoWqviYICfS2-kCUyT3JNAtwgqPl6nk4usqR3bPzgzDgom05VwrKWQVwi86VjY_EXIzikn1Vaq3J_WjyhWgYozQ&sig=Cg0ArKJSzFr-W5IOCqxxEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK a9floorcheck.js Show response
s3.amazonaws.com/script-tags/ Frame B6D3 3 KB
3 KB 159ms
109ms Script
application/javascript 52.217.11.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.11.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 00fcdbd28afe964a4bec63932d5f6348abd89e19ed1f990723a6ab9ca8701cc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:14 GMT
Last-Modified: Wed, 03 Apr 2019 18:47:26 GMT
Server: AmazonS3
x-amz-request-id: DV3EZ3JWSFPMA5HT
ETag: "2d4b0d964f2c5927dffbf65da033636a"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2655
x-amz-id-2: GZUwv1AO0cR5vhVPOk5K4/hDx16Kwo38+RXIQOCibIPROF7FC1NX4Vl75JbvaH6lCCyIZx9KaOQ=

GET
H/1.1 200
OK prebidpubs.js Show response
s3.amazonaws.com/script-tags/ Frame B6D3 311 KB
311 KB 266ms
106ms Script
application/javascript 52.217.11.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.11.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c771d688cb34399f9f33f7d6ccd2a3ec17a9bb758923d736a3d1942510e963a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:15 GMT
Last-Modified: Tue, 03 Aug 2021 21:19:14 GMT
Server: AmazonS3
x-amz-request-id: NAQ5WQA5JJJD47DR
ETag: "5dbd5fb11fd60ffbccab312faa64a2fd"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 318400
x-amz-id-2: DlfFeB/Jycj6kBXb1/eBv9rdrzofpJSyWWp0SJgB4THhpTsCgK2Hwo7gWnfuy5BvEBimZ6f0pUk=

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6D3 124 KB
38 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 02:20:13 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 76D6 1 KB
520 B 41ms
41ms Stylesheet
text/css 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93dd9bdfb4786776e0be67aeb0f1bd07f2c8164d05c859888ea58aa5130afb2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 16:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 491
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Mar 2023 16:07:43 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 76D6 109 KB
37 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 02:20:13 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 76D6 8 KB
2 KB 41ms
40ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 16:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2182
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Mar 2023 16:07:43 GMT

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame B959 35 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 19:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 19:07:18 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 5C34 134 KB
36 KB 17ms
15ms Script
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 57
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0V246RBR7JGS9NE9Z2ZN
date: Wed, 09 Mar 2022 02:19:22 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: szOSY9hZD3b6GE_A_U4ZnQRzgZneupZ4WYTdzQlvF1CWMMaZYEN8rg==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A7A0 0
0 63ms
63ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=2063796994291320&rc=
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 786A 0
0 62ms
62ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=2642584640655552&rc=
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame C85B 35 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 19:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 19:07:18 GMT

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame F295 35 KB
14 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 19:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 19:07:18 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 5C34 385 B
737 B 14ms
14ms XHR
application/json 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:43:41 GMT
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
server: Server
age: 5791
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-length: 385
x-amz-cf-id: L3FyMzM0hQjx7Zg-Slf710aZG1cIOTipPAzrUcHqDDIsg_UpbFrm1g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5C34 6 KB
3 KB 15ms
15ms XHR
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 62634
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
date: Tue, 08 Mar 2022 08:56:20 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: p6hemDRDgbcCZXhBXY8hZHR95ifVSPhynRQq8V-DAVdy0odV_mqxnQ==

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 02C2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

45ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V75B0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHGjWhUEaE1YawG442k9liMtqNRovVaLcZgkZNKJQRYbUh7IajzWS2WAwHy91iuZwNphBhLJfJoBZIWGa_7yBo-FxuCKRF0-nwue71ErPf57nrfWa_xW_Xmf0Wv13jd_vVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2-1ent7_zd10-Lvfc5fucXabTy3JTnd7-tsvkdL3dK7fDabapTm9_x-E2PJw-u3vu8n1OD8vJZQcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQAojoRzWTwP0-ll9gcAwIMCCACAAAYJQAHvaQnAx9nMCQAAAAAAAAAAy____3_MAL3eggyAyHtOD8CDD8ADUUFqESMAAACA3OpN0aNJnVBZVAEAEKRbAVwBAAT8selBiIQBAAAMjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzShoij2tKCRmRm1X0AAgLVfQAAANnUDAHgTgAs6g5zNJqvZ6hRiN5wNdpPBcDY7AAAAgLv___9_PZAwbna7hcmycQ5Wi5HDYVjYHBPTxOZbzVzD4Wi4Pfhms1hu7IKxvglhmf2-g6DhcxnEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYcmx8k93E4RYtdpO1aDmcuZUjy3CtWo42Lttw4rJMTGvR62N6ThbL0WrjRcGAtr0ILtKJyuQ0_S0Pn9lv8bv1PrPf4reIJZqTRTqRXfYN42a3W5gsG-dgtRg5HIaFzTExTWy-1cw1HI6G-5Zj45vsJg63aLGbrEXL4cytHFmGa9VytHHZhhOXZWJai14f03OyWI5WG39jNprtlpPRYrJvzEaz3XIyWkz2HTrDd_U5G2Xbc8qjszy2PaEyZj4oXAaL9ycxLabd2cHz-x2dOvVLWdQZhZfv0WtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU40ts3EsrJ5bC7TYLkZDiYW02zjsBh3q83Is1xsJmKJ0nSRTvRqh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqbLeo_PsRwNZcsNnPFajVXzCarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwFhlhw!&cmcv=&pix=undefined&cb=1646792413667&uv=3137&tms=1646792413667&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=5BB2D05C078432612474415473&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 02:20:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C859
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

43ms
6ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7c-0CFgNanLDWrYSkbgRanLDWrYSkbgUAAAAGBvQHHDehzRaU3WLB2i0Xs91gsZksNrvZZDhZjIawcRPabEHZLRas3XIx2w0Wk8lothuMRsPdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUR8K5LJ6H6fQy-wMA4EEBBABAAIMEoID3tATg42zmBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBqEC0iBEAAABAbvWm6NGkTqgsqgAACNKtAK4AAAL-2PQgIMIAAAAGxhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5pQURR7WtDIzIzaLyAAwNovIAAAm7oBALwJwAWdQc5mk9VsdQqxG84Gu8lgOJsdAAAAwN3___-_HkgYN7vdwmTZOAerxcjhMCxsjolpYvOtZq7hcDTcHnyzWSw3dsFYX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgw5dj4JruJwy1a7CZr0XI4cytHluFatRxtXLbhxGWZmNai18f0nCyWo9XGi4IBbXsRXKQTlclp-lsePrPf4nfrfWa_xW8RSzQni3Qiu-wbxs1utzBZNs7BajFyOAwLm2Nimth8q5lrOBwN9y3HxjfZTRxu0WI3WYuWw5lbObIM16rlaOOyDScuy8S0Fr0-pudksRytNv7GbDTbLSejxWTfmI1mu-VktJjsO3SG7-pzNsq255RHZ3lse0JlzHxQuAwW709iWky7s4Pn9zs6deqXsqgzCi_fo9eg8Bw8qsXfGhZ2DsvqbFtWOA4GRSwRnC7SiehlPF3EEsnTIp1oFpvdymUxLjaW5Wjj8kwsk91iOBiNFibXxLUcTMQSpekinejVDrPrrXN4Dg_LX_D3nP5Kz8vucfjdIpdb9LA8bQ634GF5uBWeh1vkMpsebpnf6Ra8TE6T3y1yuRVup8_vFrncEr_Z87c7LH-70PQ2W9R_fIjhai5ZbOaK1WqumE1WCQAAAAAAAABgCXPmTQAAAABOg9mtlrvVcgEk_ix1gUEAAAAAAAB2MeOt1TZJAlmKGz-eKJPT9Lc8fGa_xe_W-8x-i9_KABJuosybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=undefined&cb=1646792413637&uv=3137&tms=1646792413637&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=7B66A271A5791670132137628214&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 02:20:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Wed, 09 Mar 2022 02:20:13 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 5C34 38 KB
11 KB 9ms
9ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 09 Mar 2022 02:19:01 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10644
x-request-id: 167481024

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame B6D3 134 KB
36 KB 16ms
16ms Script
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 58
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0V246RBR7JGS9NE9Z2ZN
date: Wed, 09 Mar 2022 02:19:22 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: VAfRjJBs7uzKGxUXKVnHiA_8gI4KzIMWdf_2KaVltcag6hhlZswlFw==

POST
H2 204 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 0
58 B 24ms
24ms XHR
text/plain 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cf-ray: 6e90548c785c9b2b-FRA

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 25ms
25ms Preflight 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e90548c5f9e9bbc-FRA

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C859 32 KB
10 KB 7ms
6ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a8377a9082c8d825d0b0201d27c3c2c87638da830ac18482477240dfecff6baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=66144
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9536
Expires: Wed, 09 Mar 2022 20:42:38 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 02C2 32 KB
10 KB 7ms
6ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a8377a9082c8d825d0b0201d27c3c2c87638da830ac18482477240dfecff6baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=66144
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9536
Expires: Wed, 09 Mar 2022 20:42:38 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 76D6 30 KB
30 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/bg1.jpg

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6317cb9eae37b490a553e682b2d8fac09e3866a149c0acb3b90b26d2b1a908ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:29 GMT
x-content-type-options: nosniff
age: 404925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31197
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:29 GMT

GET
H3 200 b1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 76D6 454 B
481 B 53ms
50ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/b1.png

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b5db3bb38bd76da9e83a688bdcc8001ea36d2d9721b598c01e8e1c3a5325e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:29 GMT
x-content-type-options: nosniff
age: 404925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 454
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:29 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 76D6 13 KB
13 KB 53ms
51ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h1.png

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00215534b8bfbee85755fa9aa4a9b6991284de6c25528d09fa2bb7298a2b0519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:29 GMT
x-content-type-options: nosniff
age: 404925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13570
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:29 GMT

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 76D6 11 KB
11 KB 61ms
59ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h2.png

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1bdf6f2f0ae6db22067d27ff6560f2720ea2cddcbe953d4e317d2e7e8b17328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:29 GMT
x-content-type-options: nosniff
age: 404925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11140
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:29 GMT

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 76D6 2 KB
2 KB 68ms
66ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h3.png

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d257e529cf82beeb2dce7c62b7f7deb6747384677d1f4b5ff6e7c7936278e717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:29 GMT
x-content-type-options: nosniff
age: 404925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2211
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:29 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 76D6 1 KB
2 KB 68ms
66ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/cta.png

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33ac7c2a73fd64b2ea828e6a46e26d79a25439d11db5cf50b532af5697ff85d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:29 GMT
x-content-type-options: nosniff
age: 404925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1527
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:29 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 76D6 1 KB
1 KB 80ms
78ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/logo.png

Requested by

Host: cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com
URL: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c6676f4aae666c5dd775495b931dbcee43f6c3b09f2fb7cf07b108a445d4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:29 GMT
x-content-type-options: nosniff
age: 404925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1159
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:29 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 30D4 0
23 B 123ms
77ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyPKDaA_LKfcNOfwEEiby0nc0KuKlVZ-4XjSfPMKs-A2x77j5LlabLGqE7WnRFfrTnXAWqCzjmSq69nccgu8bVyuwcSlzy_Y_0dmwj3UViX_KQ1UAHHwbTl0iQKWgCo2cKPvC_sIQM2MuITabRwzj9wph0mk2bvyMMc1kWGw3MNo0o6Pqo7TA2A2oD3deoC8dkpTkDtqxMV0qXfrBanp7hbjTjAaiJv6cF6noTbf_-rmcggW7PVIsjx9sSLyLO_5eI9D7SgagaZWMf52EBZGAdUZTNx7uWr0Z7x6GR2AeTiUugUpDV7v9vkZS9knOcP_qkpXjTDvnnkh3l9o3vqKWNjf5wKqA6yzJYrNdx0Mo4871D8jRNcemK_Gnh3mvTODd6cIy0_zZPgbvgpKCk3KB_juqgHrlVpgIjcJXERtCiJyKE-SXe6v0IcfzF03RzwP654z94FLMT6t8_8o6ap6sK7MyFCfy4aoslw-PcDGb8nQW6MnQRUSDWfI09850S7OE2ubF8A1yY21QXm7ZQdhqmpjp2wFsnePEINOVX1GPkGUBeDrI99zhFJVpg2ohyu1bWh8sRRUGp-nvz47Tih4WhmKO7gAR7pLknLXdSChSl6g2QHBkmbjBtdpcbVZI5oj0BpEQPDxCnxDENgfGqgJFC2J9GQQtSUcWip_ysiFFT67QwFaYYpW_7vQdfCbM2s7xmXBAekNDc8ApNZd34nUKOxVbCAT2X0lyoFz6q5BGijbGOC44fPkTMrgzwRG_U3FRTUuVcJaK8hu7mXwNa1NFy2Po4eUrthrFk-tbZVXnoyl8mDPDFUKsdjRBZ7ZR3lXmkWA7xoWSmsQQHWH_xcrYxSxl7h1STmyygT68rDEEAulEMrb1Hn8YIeTq-SK3QnUQlq86xVD0BF2fBpETNwoG2lGec8naOsvZHlBmtlkiQVvd3q2ej9g9Gxh3f7DybCL6uwVrRs8fTprX6nKjVlMnXbpumWHnPLywsKho6VLAYO9JhgbiApKMgO8lXUTTeljcr99n4L3SvGmThGFXyPIIzzb5Y8qZp49qY007DBv70dYkYnrBk-wCNyMH-57VYW1dXNqdq23zGhnnzuZ6PJm3wKAnukWxWk-Wmra5LOuTeMt0GOuc7_E52H8S3RR9ASQUCjr3sDqF3fYJ6_WVQVEaq3Q8yXFoMLyHjOFrb1dXzaJyKUiwX0mzz2dEOvBp_PNHBmqETbb72EIhZYXdmtoQ06x3o_n5ooJBOgQTm5QaJZXvYnhdh6rPnG-hE5wOFN1MKTW7uSi5789vq4zvwxanG789HHIxAgQ9hR3N8mo4&sai=AMfl-YR_BYI3UsG1oa31xyWQ5wo6UK2S8ozQhwvE3VmZEzwjXhX1vss9Kv6aG2gyH6-G_lVJAecCyfnrDP1a7tPSAjdeG_At1KfzbDKII0pSh1UJgMI8R0Jh4a36aFWAmMNqF1u1jSdzZgfc-ghqR48I-szUPrDXGY7HDl2Jyc0bpDU0RgQ2xuIZIv9X4UkkERWuTB-TqqP9JYZhDZuHanAMHQ&sig=Cg0ArKJSzF_6YlITPn_iEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=623&vt=11&dtpt=318&dett=3&cstd=302&cisv=r20220303.91333&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame C859 0
239 B 62ms
7ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=L0IXOLKN-O-B0ST
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame B6D3 385 B
736 B 15ms
15ms XHR
application/json 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:43:41 GMT
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
server: Server
age: 5792
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-length: 385
x-amz-cf-id: xcc821Tq-cyAXxWOfcFhrk1zvp55SyiukhnZc-65DcXjwrgP-avGrA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B6D3 6 KB
3 KB 15ms
15ms XHR
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 62635
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
date: Tue, 08 Mar 2022 08:56:20 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Sitra3APA-s8f7tM-torM3-VAbOpD4hvdaS51tFz_WZ-VbaCBhPacg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame B6D3 38 KB
11 KB 10ms
9ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 09 Mar 2022 02:19:01 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10644
x-request-id: 167481024

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 5C34 416 B
879 B 94ms
94ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1798354&size_id=57&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=oglobo.globo.com.dw.970x250.inter.cdmx&tg_i.pbadslot=138871148%2Foglobo.globo.com.dw.970x250.inter&tg_i.dfp_ad_unit_code=138871148%2Foglobo.globo.com.dw.970x250.inter&tk_flint=pbjs_lite_v4.43.3&x_source.tid=18b2b141-9578-405f-8d26-6e4c629780c2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9042728884448454
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 67d41386c279e429f83b90e0037f9524e0432f655e6c8289e8f5fd1e66b1b5c8

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:14 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 416
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 5C34 23 B
526 B 18ms
18ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.3
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 27b6d98c69f52397ae8d526c27a28cbc27ef33189b0cfe34ff8eabaa76170091

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 02:20:14 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5C34 143 B
1 KB 117ms
116ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

32f827f3d131ac18c28b411de404e6a72ce0b7285cda0de57f0575197eb3d421

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:14 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c1e7b1b8-c654-492f-85b0-61ac4f70de35
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 5C34 0
65 B 63ms
63ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
date: Wed, 09 Mar 2022 02:20:13 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ Frame 5C34 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edea09b08c5cf8efdbb5496d5f930dbaa51192f21d08419ab7e81b1ef45654c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5C34 0
0 74ms
74ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6ft8HaaAWJPDMhJLAf2GYBOjHjaxBncSD7n7XpEyyZbGgPsCLG_O3KG-l7ff7WD7AEt49GlHbRwkN7KoOFTMMi5FXdoukRMkfJs7E3-_uQ5KSbHDi84VQM0bO6lU1qdMce_1jNgF31HhoaeK_GN080K-lhJkpPiXEqwz9poRucKHxxmm6o3ZW6eXGB-rlTPKJbgOQ8sUdnQx3l6_FTKC7Zp-51oxQYltsJAq2DDtJd68CUEtnPwpT6_vaE42qtqmmcedJEvXuo-VDJtCK8rsldwUPqo_zO53aUBspy7WyYw3MDmADGMqE-zku1oLyvPTzFcKLTRpjJDFatE9CAE3SjrYDIpGldA&sig=Cg0ArKJSzFJIs0yUFYsQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 09 Mar 2022 02:20:14 GMT

POST
H2 204 bulk Show response
trc.taboola.com/editoraglobo-oglobo/log/3/ 0
151 B 15ms
15ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-oglobo/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=4
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 09 Mar 2022 02:20:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1646792414.306899,VS0,VE9
x-served-by: cache-hhn4062-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame C859
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
645 B

104ms
104ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:14 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HFZMF0QANWP98DG8YJTP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:14 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GK57YBHZ2A0D0PRXRR5M
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame C859
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0IXOLKN-O-B0ST&sigv=1&esig=2~6708c8a928d1f96cc56fc8bf612318db4d8783e2&gdpr=1&us_privacy=1---

0
194 B

73ms
20ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0IXOLKN-O-B0ST&sigv=1&esig=2~6708c8a928d1f96cc56fc8bf612318db4d8783e2&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0IXOLKN-O-B0ST&sigv=1&esig=2~6708c8a928d1f96cc56fc8bf612318db4d8783e2&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C859
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/420YqyRJHaZ0DxKsiGbLiw?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1529635190439778131

0
239 B

7ms
6ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1529635190439778131
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

Redirect headers

date: Wed, 09 Mar 2022 02:20:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1529635190439778131
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 451 709414.gif
id.rlcdn.com/ Frame C859 0
0 21ms
19ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C859
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEDElwYfX3WcXssDsjmQKRsw&google_cver=1

0
239 B

7ms
7ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEDElwYfX3WcXssDsjmQKRsw&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEDElwYfX3WcXssDsjmQKRsw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame C859
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0IXOLKN-O-B0ST&gdpr=1&us_privacy=1---

0
921 B

127ms
108ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0IXOLKN-O-B0ST&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:13 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7C8723B04731420187302803CE6A3197 Ref B: FRAEDGE1119 Ref C: 2022-03-09T02:20:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZv7zhoQcgJzM6ph8kkQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0IXOLKN-O-B0ST&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame C859 70 B
264 B 31ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C859
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjkxMjk0OWI1OWEyOWViNDhiZWFmNWQ4NTEyODJkMjhmM2JmZTQxNw&gdpr=1&us_privacy=1---

170 B
190 B

49ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjkxMjk0OWI1OWEyOWViNDhiZWFmNWQ4NTEyODJkMjhmM2JmZTQxNw&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjkxMjk0OWI1OWEyOWViNDhiZWFmNWQ4NTEyODJkMjhmM2JmZTQxNw&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
705 B 6ms
6ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 11155
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by: cache-hhn4062-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1646792414.370875,VS0,VE0
date: Wed, 09 Mar 2022 02:20:14 GMT
x-amz-request-id: DM4PBFJ9QH08DD7N
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 84
x-cache-hits: 1036

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F295 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SCcgzg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C85B 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3mV2BQ
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B959 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0qsn3Q4oYtLRGZSu3gOEgoGYBQAAAAA4AeAEAg&bg=!-vml-b3NAAb7UztL-1M7ACkAdvg8Wgba6QUuj_Je0vxthJsuOAaBs3fSBGItL1bs4BDPwIpFB1AU0wIAAAFYUgAAAAJoAQeZAzHIwxm7kqP-O1wJbkrzvR6y-ZXiGa_Tb6jtS3bt7nRb2_v7RjazM-2zub4T_32KzprYwYGLCNQ7Ks6ZwE_kV-466rwKhTmEVclHzpJFIOjUPthtPZlhpGP1W7os2gYW4yabUBeHbUKcM6hEii-82_6zUN9GjT2j-NNvT9ORPVjdpfiOOzS-BShT3erTOpnb5ipDZxyAGZ_OSfmZcQT_OSNkIhAf1_iMzbETCxPMjbfOdGyryVI_bt8FcWAMRwVcVlO5Z6rA429mCzyRzAgBw0MElEKXg8_thpJSMGcUBHgGWEJjcQe9UOqabHP-huoHpRGv99DlVL4As_Nus-MdsstyznPCFQBAinLUiJ6xttP6a87m8azvR0n9lRjC4fCFVqQsZcFSf4HmqtxQCwHDauQhKRU9FF44FR0AdbjPIPItjK0WJUmHz6cmvR33U0AkuM_pDGIgOFgZ7B94swDyNB9Wf7hdxnluxLONT9dFLWpV1jUvbr7W2ZaKjQ_bIXtDn1apwTHAAul4dagjRmd2AsLh4ib-klin88LxrSZ-bGTW9GCAJ2rUu-knq36iClvDWJ3R3zY92kLkHwLFFhYKKe371m6li8o0g9Scz5Jh-fEicQtgbLVDTOkGRIgZKZbSizKO-h0JKDysNnOwGlk2cw6Cyf-SOe1oliQSJHWQ-w_n8HmkZ2tZNRK_9ZToZOkJ0V3dxF3kQh0NRhreOTadtuTGNZwdaaTZSvPoF3e9QcHpMM5N5QI8X4WsE0ISrF1_E1K-vlUmnGJdXjjPdceSw6oOuf901_HjpSPPyEAP5shIB9NTCzB8GC_lj8iVIN78Sf6pjb82l3GV_YGK0k-A8UQINHJT_OBniEJ1msk7AN2bryAwPsC0pAcpA9OThKhzP3kN3dJCfKDxjiM1zAE5WB5HIH1KZJuyuJvZXxAHmosjcTEVJ-EfW9g-nC-NeP2nYqDBNNdR5_cFk2er0ksnebCGVkIe5nM17ZkTSYIpI32OHSHp2upPQuWdnmwVDvqogP3Y2cuqyauwIixYNPOFWyuQHZIJOAUqZPkEmSS61ATEPpwMDJXpNvZ5OU-MUXtfK49m

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 5C34 23 B
497 B 47ms
47ms XHR
text/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&pid=8chOAABf92fPN&cb=0&ws=970x250&v=7.73.0&t=1000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.970x250.inter%22%2C%22s%22%3A%5B%22970x250%22%5D%7D%5D&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.79.193 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
x-amz-rid: 5R5T5Z9VYK8MBYX6PCBE
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 4x9KcNwTk6NDCrBUjIbmSITjZX2gmzlcJyrosk6whrzwN66XCfZqKg==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A92 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvc7bUI20pfhii_Ql60pJdVy6eg96xrackA2FCiP7AWlfgXaoKlv84_DAoGow8h47EF4NUTB24fRcnvqW4oNKpzZnrH1TDsBcfZCocYiYX8ghWUogH_&sig=Cg0ArKJSzIzWKN3-qhqQEAE&id=lidar2&mcvt=1008&p=133,436,223,1164&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220307&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3847855073&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646792412895&rpt=514&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame B6D3 0
65 B 42ms
42ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
date: Wed, 09 Mar 2022 02:20:13 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B6D3 407 B
870 B 95ms
95ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=2&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&kw=%2F138871148%2Foglobo.globo.com.dw.728x90.inter&tg_i.adunit=oglobo.globo.com.dw.728x90.inter&tg_i.pbadslot=138871148%2Foglobo.globo.com.dw.728x90.inter&tg_i.dfp_ad_unit_code=138871148%2Foglobo.globo.com.dw.728x90.inter&tk_flint=pbjs_lite_v4.43.3&x_source.tid=2b4788da-94cb-4ac0-b5b5-9654b2a67e82&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4371770202295424
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 4af5a64bd00dbd04aaa21ae79d63e2df81d3cf7c53e846570197eee391312476

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:14 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 407
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame B6D3 23 B
526 B 21ms
20ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.3
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: c022190fb64157666233e3205267670d7493880ada827de23193f849a3dafa25

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 02:20:14 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B6D3 144 B
1 KB 132ms
132ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

b8696c11e157fee62478e719e571c7358b3fe7381727781b013fa68bc7441a80

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:14 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4a309217-815c-4b39-a778-6b02d7135437
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B6D3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ec7ec90804a878993acad6f9cec4ad0ab11640d0c618da1d4e8c8f7fba3c664

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6D3 0
0 74ms
74ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswEKVzZr1gZPDqtHM93DgfGrVodrsNeES8ZNgB3eVjGRnxFjKQYJAX_K5EKfFa3ONdFJGIpPdgZybQtV2YCg76IEqqvIMjU2ngMtMxjy2l--cYobDdKrlUfbqTMJD2ipq6TxU0pU-SfkrUP-ue-Y7g2PMOSrfKFqCbtulzwGjKXkJuDbQAghOU6s46E2AOONibXiKUbXN9RjM7AylaFJE0vd0QggyyGV-sCTs-PMwISTH0uiJ6CrpnbeIOt2lUrrhb48oI5TdNXQ1wAmn4vUue4zR-E_AqKJUK166aAfkL2074g36Q9x80fCqocMQIdRpsE2xfQHB8DEuyqMwOWuODHvgnm5i0&sig=Cg0ArKJSzIMaHqwttsmvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 09 Mar 2022 02:20:14 GMT

GET
H2 403 OQER25S.png
i.imgur.com/ Frame F960 0
198 B 28ms
6ms Image
text/plain 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/OQER25S.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
server: cat factory 1.0
x-timer: S1646792414.494286,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
x-cache-hits: 0
x-cache: MISS
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4058-HHN

POST
H2 204 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 0
35 B 21ms
20ms XHR
text/plain 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cf-ray: 6e90548f3b8f9b2b-FRA

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 27ms
27ms Preflight 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e90548f0ad59bbc-FRA

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame B6D3 23 B
496 B 48ms
48ms XHR
text/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&pid=QwtZik9jFj8Ze&cb=0&ws=728x90&v=7.73.0&t=1000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.728x90.inter%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.79.193 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
x-amz-rid: 4J002RC9PQCV2GSNQ6PY
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 9v0bwbTU54WJIfxoXkDkLmk_-c5WEYIRtRtHp9asbS4gzkwEEuhyQw==

GET
H/1.1 200
OK 728x90_blue_ENG.jpg
hcode-marketing.s3.amazonaws.com/generic_cr/ Frame CF18 80 KB
80 KB 419ms
113ms Image
image/jpeg 54.231.133.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hcode-marketing.s3.amazonaws.com/generic_cr/728x90_blue_ENG.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.133.241 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bfb2b363b612416c899f6e75ed4bbb046008df170337c9e63a94756700098723

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:15 GMT
Last-Modified: Thu, 24 Jun 2021 22:30:51 GMT
Server: AmazonS3
x-amz-request-id: NAQ18147VQX6GNQ4
ETag: "86b5594d696ba0fce31a8f428b841c6d"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 81859
x-amz-id-2: ocvdU2UJFq901tdGOq881JaMX3dhLBTHl7MagnggJNgeMDMFUP8uKZcySR+yOV42W/Q5W0m2dEs=

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 30D4 42 B
64 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUFOUOEtvrWxYj1xAVAD4DdSujc7awYEmYmAw0ulcdBoKyBKi6tojhTAnQB2osPWvw8yh0vhBYss2EqYeuFXERi_oBF0rE0fdG971VE-7ML6yPrLi-tA&sai=AMfl-YS1pcPDPEE2ZTfxloDUedQ7SFsdU41KgDAtos6UuMUDoELvZCXAQ_p10wr6aybqlylUYTyKzzZmtQgfpV9CET-qKMTRHjw-E4PPdTPzCRTFc00McR2hNN3Ky5E&sig=Cg0ArKJSzGSRwUOpkVoBEAE&cid=CAASJORoDxpg8b9c3n-_052G3P7EraBZd5Dai65FVbrb_f9Jze_4-w&id=lidar2&mcvt=1000&p=307,1126,557,1426&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220307&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2282096486&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646792413176&rpt=480&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfbbfc69e0c6ee6b2827c3c9b0b5a4de.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 78 B
237 B 28ms
27ms Script
text/javascript 52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.globo.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 96975ad62ecba169ef3c2dc987bc6a89be6ceb7245fbf01026238ca1767277ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=39 t=1646792414
x-served-by: beacon-n001-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 357 B
505 B 105ms
104ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&technographics=1&callback=Krux.ns.globo.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3c51d60a9c9fd85c728101e0f744afca7fd421a42c30b8f087d4aa2519ddbd31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Wed, 09 Mar 2022 02:20:14 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a019-ash-prod.krxd.net, cache-hhn4039-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646792415.791024,VS0,VE98
content-length: 277
x-cache-hits: 0, 0

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 220 B
270 B 35ms
34ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 722da45c5f0ba79179e751d2f96ccc13693ed4e8bcf86b1cac88797b77b22675

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a004-dub-prod.krxd.net, cache-hhn4041-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646792415.826435,VS0,VE28
content-length: 186
x-cache-hits: 0, 0

GET
H3 200 467226423720066 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/467226423720066?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ca93265c9b9efeabd12ff0b44f6a83162bdab3a8d1c7d99f14f68576ca95635

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89564
x-xss-protection: 0
pragma: public
x-fb-debug: 7luFnad7fnN+x46dRhMIIYKaHqGy+Ipr0tHDemvSEN60AvgPek8X6NfiiNXShJtvPUMN+i0NFxZNenY3JlAfFw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 09 Mar 2022 02:20:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=PageView&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646792414887&sw=1600&sh=1200&v=2.9.55&r=stable&ec=4&o=30&fbp=fb.1.1646792411181.1508579004&it=1646792411074&coo=false&exp=p1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 02:20:14 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=PageView&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646792414889&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646792411181.1508579004&it=1646792411074&coo=false&exp=p1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 02:20:14 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
336 B 28ms
28ms Image
text/plain 52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=sexqhznbn&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Infoglobo&_kcp_d=oglobo.globo.com&_knifr=16&_kua_kx_tz=0&geo_country=de&geo_region=sn&geo_dma=276008&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kxuser=w7nioimqa&_kua_glbdt_utype=anonymous&_kua_dmp_globo_id=99147228217169228195224&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=sn&_kua_kx_geo_dma=276008&_kpa_meta_keywordsDELIM=%2C&_kpa_kx_context_terms=Nu7TWfFv%3A4%2CNu7TXzvm%3A3%2CNu7TXc5X%3A1&_kpa_url_path_1=malu-gaspar&_kpa_url_path_2=post&_kpa_url_path_3=isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&_kpa_meta_site_name=Malu%20Gaspar%20-%20O%20Globo&_kpa_title=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&_kpa_full_path=blogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro&_kpa_subdomain=blogs&_kpa_domain=oglobo&_kpa_utag_editoria=politica%2Fmalu-gaspar&_kpa_utag_page_type=post&_kpa_utag_produto=O%20Globo&_kpa_oglobo_utm_origem=newsletter&_kpa_oglobo_utm_midia=email&_kpa_oglobo_utm_campanha=newstarde&_kpa_browser_name=Chrome&t_navigation_type=0&t_dns=6&t_tcp=458&t_http_request=-1&t_http_response=440&t_content_ready=5498&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w7nioimqa&_kurl_=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&userdata_user=OtNPMe8A%2Cw7nioimqa&sview=1&kplt0=19929&kplt1=19930&kplt2=19936&kplt3=27202&kplt4=30153&kplt5=32767&kplt6=35254&kplt7=38352&kplt8=38515&kplt9=43900&kplt11=46183&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C62%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C40%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C112%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C36
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:14 GMT
cache-control: private, no-cache, no-store
x-request-time: D=155 t=1646792414
x-served-by: beacon-n024-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A92 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=2642584640655552&bg=!urmluf3NAAb7UztL-1M7ACkAdvg8WkH-4YYjFDbpDUgarpCsu0sL_UpEhlgn4sJZBNPAYOfz7uzgxgIAAAE0UgAAAANoAQeZAvZW89e7Tk87w_YC60-Q10Jh0RUrYLntfgIm8XH664DleQamjx8oQKofgjUD_of6qdHQa01Gb_C_bntgec7yX58cZ5yfrKkX0aQCr2U-759k-y1qG1Vb2E2XYS8mMEWs_0cmwTVIAdQ_DIL9lFHKuUTIWyzShMUrbZDbG1KkAUOMSoYiuhuZDTPuXCGQoBjnFK879ocrEIC2uEg2ghKAQP2-Jlb6ujWPeEjA5mbxGosMJimPj1pYr_ZKknI_jBywOFhwE-YbB1RCQCYMpewp5miHYa-ro1GuCYHX7bSXoLHfqjKkbzF4csY7l1TuwURXdQ0MDWfyFC70iZE0QqaZn2gH5W7fMnRT65FMc71lkWwmK-gndxLTdbpMN70W-5dKmxWKCDmEuzk6ZxTSWREKeQtJKwmoE2KcaWjPZp--MlcdYKAHrdpbiD8brqZhNJn3qs9BKbTwiooEZNEvahx-GfohoN-beqwL92wNTGvFJjjVcoGFZQLFpzDqsIkpSp7UBREOaPlegiWtJHmqP7i1XxqAVxulLGRFr3MxeeYc2KMXCQI69I-x8au6vn1xrC_QFE0ZmB4pzXrOwGgMtABGRkg7iMcBxlDKqKuWkEj_GGcDIWhwTfd2XZ6oagOySoyi56c4Fn6AWcQT09fX0NjVpcJsIp-hOtz9Np26FRyWPDWErSdpVGLz0eGS8ruH5QkFje0BkQGvnnkwp7kxcQGAI8rtYGr00y9PJgXRJHcfHCXD8vVF4yK_TZi8ujJOyHXhJEQXBrnRS2FUIOMm04yBLAVn_FkxjbHk-6mCKJAQQ7P6qGstZclcMYyi-tynX0N5Jf8-oga-_IQvkjKaR6ehZvaIwJ4olkTa8Lxc2ws_hzDS2RTNx96i_ETxQSe0yHGwvH6jE65-6ZcPTvUi1NjwFGepHSIEr4tjfmjHH-ycGn8SPQrWwsO6lQMZxvrQukbm-BZlEReD9v6oTltj5UrFDFAXGq7Nd1loenIpOMh_N9q_AaMjHP_FxA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B00 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=2063796994291320&bg=!nZ6lntrNAAb7UztL-1M7ACkAdvg8WoRiouUO5sKFEZSONfn6M9GDTM1VlKIJVCi9ZZO3qdKtQ0VaTwIAAAFiUgAAAANoAQeZAv_XnkLF1BGyqffNqNqzSagHsZQsiO8O_F9aCkJMMMSWt3lmjMXtCJSKlEe4AMGK_Han0t4MKZ8ayl-KFz8WIIhQ3ybFZp2r9lqY_dadYU4wZHdsz8IS2ofyhB1_c8c2eOl7QD05qZAtRY83iNLeWQSboFn1ygiJvlhaVqzJMlOF7YWFIrNznDMYLRhE0n39diziR9hRn-TNsMzEFvaWgEitPBBncHbEymAII9zoC6k0yp7Zi5KvDJyX6Y5d0D6p8TpHoRCN7f-igGsJyS3dIK1sIYIWeZzqq7dPJErFJlw_8XCUWpOaeqAmAcdjF1Aihd0FErmb-jekrPOmol4rbzNbFadZ3LdeoEP4WIpk9rTcqSwXjM4oGQLLRPj66CqXWE934usYl_nuDiwrGyiUJM2Pl13lQ2XvjF_C1FURYN84tBYIO6BJ4F9YP4IIWAEPVHwxhp7tGwIKcV_svATk_BpcMnUZ57kNzQrcnqQ9TF4gMg_ORHpWmvcJSegubSC_zip5fzx2jw_ESzaI4aSJM94aeQI7l_SbpgMOV65RQCBjqrN1ENLq88NPfkuEGUa3NalUi4WrhNH-WqTZPj4C41v8_DdAlhexkwsRzg-5CUi63Fi9hvgl4l9RKM4XqU6GY8hkEGdbv3Z0W5U38PjhqPohIgI6bLBoJzQkgkxPPTGl0y966v1kOCajfmb6yj-_v4HKgQq8c2A2_aSxkkS3XjLCy1J4OURKQvjVTtaHWh0YdERoEBELN92wTVQLVQeOyKsVb7Y1ZTiXXqsfXEAN7EKQxKuEOYyd4q6iRarPmPtOmnnaxNL1TAjfSRik4D27X34gmfN-Oggr50culYgwqMB53NlNvTmakNN5vNHjU4f2mnatiM3QIwDh10uc6mySE6aA2D8kCikxfWJfL2tC1ZMrIgTtGAFtb8F8i0LVQSnAOQ3PUHQRShskllz5qnKXRlr0hAlOOhMUWxmCbtWjA4-7MWe1cQ_QaYZoxdEAvM_E_cXfzewT-WA4mMqjyhK4fg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 6ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 1689
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: d2c+S+ILbil9YoWV0pdRt5sw8P0XC/NhHYbhmL4aRwQla6EAzDzo1EmADmZOYSNh2V3J9hbip1I=
x-served-by: cache-hhn4062-HHN
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1646792415.192999,VS0,VE0
date: Wed, 09 Mar 2022 02:20:15 GMT
vary: Accept-Encoding
x-amz-request-id: 6CY1FG8Q11T7G8KE
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 84
x-cache-hits: 710

GET
H2 200 eid.js Show response
cdn.taboola.com/scripts/ 14 KB
5 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding: gzip
etag: "f7917ed1eb799a729725a7db50d1f828"
age: 3841
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5258
x-amz-id-2: Rhh0WCO+nH/zCfz3jMuRc6c0XnxbSs+HWO0GK9r2x4mf5YFhPlfQqTSv3iCD1wQHcZnxVg9CFQU=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 28 Dec 2021 08:10:40 GMT
server: AmazonS3
x-timer: S1646792415.193572,VS0,VE0
date: Wed, 09 Mar 2022 02:20:15 GMT
vary: Accept-Encoding
x-amz-request-id: 4QYNQ0077R21PYSA
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 84
x-cache-hits: 1176

GET
H2 200 / Show response
pips.taboola.com/ 64 B
245 B 21ms
6ms XHR
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 5b0d0d08c3b7fbdc8164e467ee1d637e4b616be1a489699c18b67082281851b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:15 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-hhn4028-HHN
access-control-allow-methods: GET
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 262ms
85ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=e1c727ba-4172-498f-9d28-594ce68be2b4-tuct921945c&uad=3d45fdf57e5fd666b1ff640d125a0f6e7a8edfac5055af0885b29ff442d85007
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 09 Mar 2022 02:20:15 GMT
Cache-Control: no-store
Server: nginx
Connection: close

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2B8F 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://blogs.oglobo.globo.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Wed, 09 Mar 2022 02:20:15 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B6D3 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVznNGUggtzXJPuAPPzZm_W6JIv3_EHWHSebWHzB5aEY4Nbw1o3goXdreKRotPS_9OetSUqwofy7OWRpmiEcnskgvM1vJBnmGMgddVvuWZy83cdnLh&sig=Cg0ArKJSzFQD4wngWms9EAE&id=lidar2&mcvt=1003&p=133,436,223,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220307&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=436941508&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646792413872&rpt=587&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ Frame 1B00 17 B
187 B 67ms
14ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=157163
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:15 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ Frame 8A92 17 B
99 B 14ms
13ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=157163
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:15 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 54ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:15 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Mar 2022 02:20:15 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 54ms
26ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:15 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 21:31:17 GMT
server: nginx
etag: W/"62194aa5-18342"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Mar 2022 02:20:15 GMT

GET
DATA 200
OK truncated
/ Frame EBCB 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 stream-locale-pt-BR.c1dbd14345e5f105ed6a3aab257eafea.chunk.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/ Frame EBCB 43 KB
13 KB 226ms
225ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/stream-locale-pt-BR.c1dbd14345e5f105ed6a3aab257eafea.chunk.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/stream.ec444b2b9e0c4eb0951e37cf1147f9dd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2ba053159f3ed7c3417eab551c45fb9ed82a2c81e0078932173bba0f13e0af98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:16 GMT
content-encoding: gzip
x-openstack-request-id: tx263e9e0de252454b99a32-0062167536
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB14002
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857408.09748
cache-control: public, max-age=5184000
content-type: application/javascript
x-trans-id: tx263e9e0de252454b99a32-0062167536
x-request-id: dfac0b22-99a6-49ff-ab4c-a4b79f04488b

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 53ms
53ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

536d4cb86f362a53b1289df024cb2d1a01e511b734eb2d1e62b4614828cd657f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 02:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10585
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7AF7 13 KB
5 KB 20ms
20ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=blogs.oglobo.globo.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 4304
date: Wed, 09 Mar 2022 02:20:16 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H2 200 graphql Show response
oglobo.comentarios.globo.com/api/ Frame EBCB 205 B
483 B 253ms
252ms Fetch
application/json 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/api/graphql?query=&id=26ec6fb6706a50ae3e592654f5dc4518&variables=%7B%22storyID%22%3Anull%2C%22storyURL%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%7D

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/vendors~account~admin~auth~install~stream.fed0baa2de5aacf2dc8768b3dc3f5563.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

2616c4d2f261d1ec5e5ae14ec213bc12b4969dff1a9bf6c3fa865752cc806159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646792100000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
X-Coral-Client-ID: 75e49470-9f4f-11ec-ac98-a70b9ccd38a8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 75fadb90-9f4f-11ec-a1f1-a9d1db5a3182
date: Wed, 09 Mar 2022 02:20:17 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"cd-/3iyW4t4akcHRBACmomqCfpFjaQ"
vary: Accept-Encoding
content-language: pt-BR
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type
x-xss-protection: 1; mode=block

GET
H2 200 graphql Show response
oglobo.comentarios.globo.com/api/ Frame EBCB 2 KB
1 KB 284ms
283ms Fetch
application/json 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/api/graphql?query=&id=81fcfa8ace817dce2f37c314891440d5&variables=%7B%22storyID%22%3Anull%2C%22storyURL%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%2C%22storyMode%22%3Anull%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

2e4b90cb4fde57261da0d6281ddb4973a819c7ae47b71ac3644e8c5fe7f72be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646792100000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
X-Coral-Client-ID: 75e49470-9f4f-11ec-ac98-a70b9ccd38a8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 75fbc5f0-9f4f-11ec-b835-79da0d1547c2
date: Wed, 09 Mar 2022 02:20:17 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"878-mfpm8GGttIzPU0mszydbMwuYDPM"
vary: Accept-Encoding
content-language: pt-BR
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type
x-xss-protection: 1; mode=block

GET
H2 200 bold.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame EBCB 10 KB
11 KB 1144ms
687ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Origin: https://oglobo.comentarios.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
x-openstack-request-id: tx25f669bba86a470393bf2-00605e631e
last-modified: Tue, 25 Jun 2019 17:35:22 GMT
x-thanos: 0AB0C004
etag: 8593a5a07cf620d4512fcb71cbcd07a6
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control: public, max-age=31536000
content-length: 10284
accept-ranges: bytes
x-trans-id: tx25f669bba86a470393bf2-00605e631e
x-request-id: b39333cf-1e79-45ba-941a-b3c4f0a8bb5f
x-timestamp: 1561484121.35690

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7AF7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=blogs.oglobo.globo.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=_3V6GXxGcmF5Y3Q1Y0dTc2FPNmxadldUQWFUOEwvVFRzZi9FSWU3WmFmc2daMHZQNDdHQlVCa3RncnBYQ25EODVpSmRDdm1kT2hjaVltNWxGYlNWdzlPUWI2Mk15Z3FCOThvRXFoN3pINmQ3Z243NmpCQUZmM1dvbFhOUk...

417 B
628 B

49ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_3V6GXxGcmF5Y3Q1Y0dTc2FPNmxadldUQWFUOEwvVFRzZi9FSWU3WmFmc2daMHZQNDdHQlVCa3RncnBYQ25EODVpSmRDdm1kT2hjaVltNWxGYlNWdzlPUWI2Mk15Z3FCOThvRXFoN3pINmQ3Z243NmpCQUZmM1dvbFhOUkpqNU15OWJhaWJtWVRNK1pSRUFPb2JRaEcwekNwZ1czWURkcDl5bDdKVTlKYXFRdE1GVE1pNkFTeTlYRWk3UXZ4ZG1sTzhVK2RvWnE1Qy96QTNYTjhyUW1iQnZsZXhxVXQvVDM0d2hEa2FtVWt3YSt0S1dvdXNtVE1kc0U4WTBXM0IxcCtlUm4wZ0NFTHA2b0tFSHAvU3lFazB3WUFwdz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a697e0ea25f5883ab8ffd37b9978ecb662fad96b6681300d7d4adfd989c64ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:16 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3479
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:16 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=_3V6GXxGcmF5Y3Q1Y0dTc2FPNmxadldUQWFUOEwvVFRzZi9FSWU3WmFmc2daMHZQNDdHQlVCa3RncnBYQ25EODVpSmRDdm1kT2hjaVltNWxGYlNWdzlPUWI2Mk15Z3FCOThvRXFoN3pINmQ3Z243NmpCQUZmM1dvbFhOUkpqNU15OWJhaWJtWVRNK1pSRUFPb2JRaEcwekNwZ1czWURkcDl5bDdKVTlKYXFRdE1GVE1pNkFTeTlYRWk3UXZ4ZG1sTzhVK2RvWnE1Qy96QTNYTjhyUW1iQnZsZXhxVXQvVDM0d2hEa2FtVWt3YSt0S1dvdXNtVE1kc0U4WTBXM0IxcCtlUm4wZ0NFTHA2b0tFSHAvU3lFazB3WUFwdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1742
content-length: 541
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 02:20:17 GMT

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=02%3A20%3A17.147&type=info&msg=FPO%20completed%20running&llvl=2&id=826&cv=20220308-6-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15203

GET
H2 204 social
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 0
230 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/social?route=AM:AM:V&lti=deflated&ri=3137eeb81c294ce3b22718044ad5b590&sd=v2_a8377ad2c9051daa0af1b4bf75f58848_e1c727ba-4172-498f-9d28-594ce68be2b4-tuct921945c_1646792412_1646792412_CNawjgYQlv9JGNec6OP2LyABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjb_5X0ga2ul6YBcAA&ui=e1c727ba-4172-498f-9d28-594ce68be2b4-tuct921945c&pi=/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&wi=-7425918557199498964&pt=text&vi=1646792412759&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A2%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%22Sem%20Autor%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs2.glbimg.com%2Fel2nXAIMf-MFP1dx9wU0IUt-_fM%3D%2F640x424%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2020%2F09%2F25%2Fa.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=02%3A20%3A17.151&id=9704&llvl=2&cv=20220308-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 09 Mar 2022 02:20:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 12C7 13 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Mar 2022 19:45:56 GMT
expires: Wed, 08 Mar 2023 19:45:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 23661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2BC0 783 B
533 B 56ms
56ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d90e1875681e692e92fb6369393df767b22876836801f623b9da13facc582ab3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bQQYoI21do1yFSZiewYOHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 09 Mar 2022 02:20:17 GMT
date: Wed, 09 Mar 2022 02:20:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-bQQYoI21do1yFSZiewYOHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 12C7 35 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 19:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 19:07:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2BC0 0
0 62ms
62ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=3326231955320497&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 12C7 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rElD4g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 graphql Show response
oglobo.comentarios.globo.com/api/ Frame EBCB 2 KB
1 KB 299ms
299ms Fetch
application/json 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/api/graphql?query=&id=cf0bfa0e60dd576a3908cde9a42cd1f0&variables=%7B%22storyID%22%3Anull%2C%22storyURL%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%2C%22commentsOrderBy%22%3A%22CREATED_AT_DESC%22%2C%22tag%22%3Anull%2C%22storyMode%22%3Anull%2C%22flattenReplies%22%3Afalse%2C%22ratingFilter%22%3Anull%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

cb78f10d9244ba1650a8bc3b34b737f71793eb9b8911c23100c01ed651fa4d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646792100000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
X-Coral-Client-ID: 75e49470-9f4f-11ec-ac98-a70b9ccd38a8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 762c24c0-9f4f-11ec-a252-5d0d238a8240
date: Wed, 09 Mar 2022 02:20:17 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"8f0-TApg8FthMdlLMsbwCTRMx9BD/eM"
vary: Accept-Encoding
content-language: pt-BR
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type
x-xss-protection: 1; mode=block

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3453 15 KB
6 KB 7ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=34400
expires: Wed, 09 Mar 2022 11:53:37 GMT
date: Wed, 09 Mar 2022 02:20:17 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F0CF 281 B
554 B 7ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 02:20:17 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame AEE0 52 KB
17 KB 35ms
6ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 07 Mar 2022 06:18:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 09 Mar 2022 02:20:17 GMT
Age: 72115
X-Served-By: cache-lga21977-LGA, cache-hhn4025-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 3, 1068312
X-Timer: S1646792417.457317,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 regular.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame EBCB 10 KB
11 KB 821ms
686ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/regular.woff2
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Origin: https://oglobo.comentarios.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
x-openstack-request-id: tx1aa3171e399e4bfe9187f-00605e631f
last-modified: Tue, 25 Jun 2019 17:36:35 GMT
x-thanos: 0AB0C004
etag: 4124088fdd8c315a6d096b65b6cbf428
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control: public, max-age=31536000
content-length: 10352
accept-ranges: bytes
x-trans-id: tx1aa3171e399e4bfe9187f-00605e631f
x-request-id: 9569f38d-7b68-4ab8-ad73-fd559a73b310
x-timestamp: 1561484194.26376

GET
H2 200 MaterialIcons-Regular.570eb83859dc23dd0eec423a49e147fe.woff2
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/media/ Frame EBCB 43 KB
44 KB 1014ms
879ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/media/MaterialIcons-Regular.570eb83859dc23dd0eec423a49e147fe.woff2
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/css/stream.48fcab9847bb8f1bdf1cbf7c6c22b202.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/css/stream.48fcab9847bb8f1bdf1cbf7c6c22b202.css
Origin: https://oglobo.comentarios.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
x-openstack-request-id: txc3664d51171642c9a5e14-0061e9e56d
x-trans-id: txc3664d51171642c9a5e14-0061e9e56d
content-length: 44300
x-request-id: 3fe5bae2-03f9-4ffa-9e83-339537d171c1
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB0C004
etag: 570eb83859dc23dd0eec423a49e147fe
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
access-control-allow-origin: https://oglobo.comentarios.globo.com
x-timestamp: 1611857408.77746
cache-control: public, max-age=5184000
accept-ranges: bytes
content-type: application/octet-stream
access-control-expose-headers: x-trans-id, content-language, x-object-meta-mtime, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id

GET
H2 200 semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame EBCB 16 KB
16 KB 590ms
456ms Font
application/font-woff2 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Origin: https://oglobo.comentarios.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
x-openstack-request-id: txa3359ab73bd4439989f38-00605e631f
last-modified: Tue, 25 Jun 2019 17:36:47 GMT
x-thanos: 0AB0C004
etag: 365c53275ca5dad1584b7e0bd3a46c1e
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control: public, max-age=31536000
content-length: 16172
accept-ranges: bytes
x-trans-id: txa3359ab73bd4439989f38-00605e631f
x-request-id: 3a542ff0-3f86-4034-b39c-581d9f0b2785
x-timestamp: 1561484206.27623

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F0CF 32 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a8377a9082c8d825d0b0201d27c3c2c87638da830ac18482477240dfecff6baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=66141
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9536
Expires: Wed, 09 Mar 2022 20:42:38 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3453 2 KB
3 KB 53ms
16ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58187741&p=157163&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 8782001fec942ca812d110f48ad8be269a7549f18190b05e850a0bef2cd5cef0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8291 52 KB
17 KB 6ms
6ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 07 Mar 2022 06:18:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 09 Mar 2022 02:20:17 GMT
Age: 72115
X-Served-By: cache-lga21977-LGA, cache-hhn4025-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 3, 1068313
X-Timer: S1646792417.465059,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C7C7 281 B
554 B 8ms
8ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 02:20:17 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 31A6 52 KB
17 KB 10ms
6ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 07 Mar 2022 06:18:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 09 Mar 2022 02:20:17 GMT
Age: 72115
X-Served-By: cache-lga21977-LGA, cache-hhn4025-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 3, 1068314
X-Timer: S1646792417.472079,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame AEE0 0
747 B 13ms
13ms Script
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:17 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c6bd52b9-9da8-4bed-9ffc-492f59b0d845
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C7C7 32 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a8377a9082c8d825d0b0201d27c3c2c87638da830ac18482477240dfecff6baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=66141
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9536
Expires: Wed, 09 Mar 2022 20:42:38 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8291 0
747 B 14ms
13ms Script
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:17 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ad00ed5d-ca95-4549-9587-ff2c54de6533
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 31A6 0
747 B 20ms
13ms Script
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:17 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 72a71f2f-4c68-42fd-9108-9df129510f4e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 969A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=E032207E-5E6C-4E5C-9954-35CCBBC5C47A
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E032207E-5E6C-4E5C-9954-35CCBBC5C47A

35 B
467 B

22ms
22ms

Document
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E032207E-5E6C-4E5C-9954-35CCBBC5C47A

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 02:20:17 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Wed, 09 Mar 2022 02:20:17 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E032207E-5E6C-4E5C-9954-35CCBBC5C47A
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8B2E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:318f6228-0edd-4500-bdc3-1a5e550d1795&gdpr=0&gdpr_consent=

42 B
495 B

66ms
19ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:318f6228-0edd-4500-bdc3-1a5e550d1795&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 02:20:16 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug010:0:373
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Wed, 09 Mar 2022 02:20:17 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4245 b916d47 master cdg-pixel-x24 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:318f6228-0edd-4500-bdc3-1a5e550d1795&gdpr=0&gdpr_consent=
Expires: Wed, 09 Mar 2022 02:20:16 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame D380
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=108955719836841341

42 B
209 B

16ms
15ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=108955719836841341
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 02:20:17 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug019:0:531
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=108955719836841341
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame DA97
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
340 B

24ms
18ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 02:20:17 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug014:0:328
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

date: Wed, 09 Mar 2022 02:20:16 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: Wed, 09 Mar 2022 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1390876
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E98E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7072919574320838799

42 B
210 B

42ms
19ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7072919574320838799
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 02:20:16 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug008:0:454
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Wed, 09 Mar 2022 02:20:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7072919574320838799

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3453
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4DIgfl5sTlyZVDXMu8XEeg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

9ms
7ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=34400
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Wed, 09 Mar 2022 11:53:37 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 3453
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=318f6228-0edd-4500-bdc3-1a5e550d1795

0
260 B

70ms
15ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=318f6228-0edd-4500-bdc3-1a5e550d1795
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:16 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 09 Mar 2022 02:20:17 GMT
Server: MT3 4245 b916d47 master cdg-pixel-x24 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=318f6228-0edd-4500-bdc3-1a5e550d1795
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 09 Mar 2022 02:20:16 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 3453
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=E032207E-5E6C-4E5C-9954-35CCBBC5C47A
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=3c4c591a-b469-471a-a447-023f2c1a1f0d&icm
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=cba8e081baf6d3cd8763978b4acc6a21&gdpr=
https://spl.zeotap.com/?zdid=1332&zcluid=5f761cc1f148b6de
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ca87dcd4-5cf4-4b28-59cd-a0250bcb782d&reqId=7386597e-a262-4adc-447c-31be660b401b&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEOn2reCC7DSOR6mCYcPLySg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ca87dcd4-5cf4-4b28-59cd-a0250bcb782d&reqId=7386597e-a262-4adc-447c-31b...

95 B
164 B

40ms
32ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEOn2reCC7DSOR6mCYcPLySg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ca87dcd4-5cf4-4b28-59cd-a0250bcb782d&reqId=7386597e-a262-4adc-447c-31be660b401b&zcluid=5f761cc1f148b6de&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6e9054a40d549259-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEOn2reCC7DSOR6mCYcPLySg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ca87dcd4-5cf4-4b28-59cd-a0250bcb782d&reqId=7386597e-a262-4adc-447c-31be660b401b&zcluid=5f761cc1f148b6de&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3453
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTAzMjIwN0UtNUU2Qy00RTVDLTk5NTQtMzVDQ0JCQzVDNDdB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

30ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:2072
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3453
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGKj0i5nR2H0tiFObCdIk8M&google_cver=1

42 B
590 B

29ms
16ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGKj0i5nR2H0tiFObCdIk8M&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug027:0:453
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGKj0i5nR2H0tiFObCdIk8M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 3453 43 B
610 B 53ms
14ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 08 Mar 2022 02:20:17 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3453
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8372929599688268931

42 B
234 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8372929599688268931
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
cache-control: no-store, no-cache, private
x-lat: amspug005:0:459
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:17 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8372929599688268931
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3453
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c4c591a-b469-471a-a447-023f2c1a1f0d

42 B
371 B

15ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c4c591a-b469-471a-a447-023f2c1a1f0d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:388
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:17 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c4c591a-b469-471a-a447-023f2c1a1f0d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3453
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8238434416626646399&gdpr=0&gdpr_consent=

42 B
234 B

66ms
16ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8238434416626646399&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 02:20:17 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug030:0:411
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:17 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 718be794-76a1-443c-ae79-c2e69c6b85f6
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8238434416626646399&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F003 15 KB
6 KB 7ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=34400
expires: Wed, 09 Mar 2022 11:53:37 GMT
date: Wed, 09 Mar 2022 02:20:17 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7159 281 B
554 B 7ms
6ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 02:20:17 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2CD8 52 KB
17 KB 6ms
6ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 07 Mar 2022 06:18:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 09 Mar 2022 02:20:17 GMT
Age: 72115
X-Served-By: cache-lga21977-LGA, cache-hhn4025-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 3, 1068315
X-Timer: S1646792418.586899,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7159 32 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a8377a9082c8d825d0b0201d27c3c2c87638da830ac18482477240dfecff6baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 02:20:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=66141
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9536
Expires: Wed, 09 Mar 2022 20:42:38 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2CD8 0
747 B 17ms
16ms Script
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:17 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9e4130b5-178c-47b3-a800-982711dab9d4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EBCB 207 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c029691db05a7879679a602c15ed216ca0addb78165197697f412f337c2ab8bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=3326231955320497&bg=!TU6lTgrNAAb7UztL-1M7ACkAdvg8Wgi-1b3hHXGd0lVvDLLD5uA6FjSmQQPYgBopD1Nvj8SyVfw-iAIAAABgUgAAAAJoAQeZAv4EhBnxKjeNQKt1SRuO86ag96urjvSp6mRuZnUHwE_Jna1bBqZRgWiaP7pNlcE303eoEhTrPpjaZfEMEecOi2fWoorPbIv3JDXFRYKm57s2aKqtDmh6zW373NJte1_qDZvvliR_3IGJFJWkma8hMhF1v1CYsFc4C0JKTLJQC7pNpeDA73JrNLBmwAScHm4rZGqu82wV-GrskbP693jyhOCsi8z6t73IYTHjVsQfNWCcWpejtJM8YeUh-_Vga4pMi7LW7HxFTjrykT2hnhmbjRdSBQZkXFx4LQJCsfIlP-PJsBCYw6mmoRT5seCNwcYLCbVsT1VMhnCux0IhSXfrsyqy3L4oZw00Iuzc_xffT9ZcJG2mWtojP6qboG8mbZ5_ygHe-AVg0wHv0qSuej7E2I_AKbQOvk7srRGcH6FWYkAl1cHynU1LD5UgeAGiDEbBQ1kWq6cSo6CKZUH_mkMxllUa8mC5K6eU5501ZM8itcyz9Vt-mIS4Wnibk0-P0_VQOFKsz-0TqC_jCKDBMBK6NN1AJuflODYGVnq1z2NzKtapY83j9BmCml2Q1Tb1ZtcbEqBNPvF_tEaZoBYRRbmkYYRgsChMyYk_tBALdLlUOU-O7xc79AZkUTi-IY4I5QEGv54ke3SJ24Sjv5lQ9QQ5Z4h5--NaJ3dUGf9tAGrn0ITokCUNNnUfzcy3ZTriRgsPuE1oc90xr-lp5PXGSLE55OmwRskKqkf-1jMAQMQ3g5WAotrBjSTs4iEj1XOzt0ujazL104L6ynlXulk5CZC2fAw9USUpCDcFNGrSaZfEqTYJwRXS6yd_dEhWdOpl1gFDUDl-27KBSpCsCNYaJ3vkK-AbKguUG-HdQG9YlBXowo6FlZZcgB34_Y4OysIYozw95mrFSBP9JYi0SHiO11bE7smisCeotEEfL-wTaDLXwqRIVOJxi5aYVZ0oO0KieEW0OoMVnwTVcitkEBIIDdpSwLB6-3KEJwmdrFS_bc0IdgB4Vz9jkGTJN3XJPzrbx_Q7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 02:20:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame AEE0 0
747 B 13ms
13ms Script
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:18 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ef9e0253-d9bd-4b07-a73f-8cfb99247441
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8291 0
747 B 13ms
13ms Script
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:18 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 38fc2450-911b-4118-8e88-946f0a630e5d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 31A6 0
747 B 13ms
13ms Script
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 02:20:18 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bb4ae3bd-6d5b-4eed-b15d-febaf5e409d1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2CD8 0
747 B 14ms
13ms Script
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS