Submitted URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3Wh...
Effective URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=ema...
Submission: On November 19 via api from CA — Scanned from CA

Summary

This website contacted 144 IPs in 14 countries across 139 domains to perform 648 HTTP transactions. The main IP is 201.7.177.178, located in Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is valor.globo.com. The Cisco Umbrella rank of the primary domain is 632547.
TLS certificate: Issued by R3 on November 17th 2023. Valid for: 3 months.
This is the only time valor.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
2 201.7.177.178 28604 (Globo Com...)
37 186.192.90.3 28604 (Globo Com...)
6 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
8 186.192.91.5 28604 (Globo Com...)
10 186.192.91.9 28604 (Globo Com...)
4 5 104.96.238.138 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 34.110.201.227 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:219... 16509 (AMAZON-02)
2 2a04:4e42:200... 54113 (FASTLY)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 2620:100:a001::4 19750 (AS-CRITEO)
1 18.160.46.100 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
1 2602:803:c002... 26667 (RUBICONPR...)
1 2620:100:a001... 19750 (AS-CRITEO)
1 23.105.14.97 30633 (LEASEWEB-...)
1 186.192.81.117 28604 (Globo Com...)
2 54.211.145.128 14618 (AMAZON-AES)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
3 35.190.14.224 15169 (GOOGLE)
4 35.244.153.86 396982 (GOOGLE-CL...)
2 4 18.165.83.79 16509 (AMAZON-02)
9 18 162.19.138.117 16276 (OVH)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 5 2620:100:a001::c 19750 (AS-CRITEO)
4 35.211.79.33 19527 (GOOGLE-2)
1 18.160.41.49 16509 (AMAZON-02)
5 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f07... 32934 (FACEBOOK)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 7 104.87.84.208 16625 (AKAMAI-AS)
37 151.101.129.44 54113 (FASTLY)
4 34.151.224.123 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:24f... 16509 (AMAZON-02)
1 35.190.39.111 15169 (GOOGLE)
6 22 35.244.159.8 396982 (GOOGLE-CL...)
3 74.119.119.139 19750 (AS-CRITEO)
1 3.162.3.7 16509 (AMAZON-02)
5 7 2600:1f18:4e9... 14618 (AMAZON-AES)
2 9 52.46.128.147 16509 (AMAZON-02)
11 11 3.33.220.150 16509 (AMAZON-02)
14 20 142.251.163.154 15169 (GOOGLE)
1 34.95.229.88 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
9 14 3.225.218.10 14618 (AMAZON-AES)
1 2a04:4e42:200... 54113 (FASTLY)
3 57.128.96.95 16276 (OVH)
2 3.210.155.151 14618 (AMAZON-AES)
1 2a03:2880:f17... 32934 (FACEBOOK)
8 151.101.65.44 54113 (FASTLY)
2 54.90.202.184 14618 (AMAZON-AES)
11 2607:f8b0:400... 15169 (GOOGLE)
14 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.201.123.184 396982 (GOOGLE-CL...)
1 35.198.44.170 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 100.24.189.89 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 37 141.226.124.48 200478 (TABOOLA-AS)
1 1 124.146.153.166 2514 (INFOSPHER...)
2 2 18.157.98.121 16509 (AMAZON-02)
2 3 216.22.16.53 30633 (LEASEWEB-...)
20 41 69.173.151.100 26667 (RUBICONPR...)
1 1 35.208.249.213 15169 (GOOGLE)
1 3.232.219.155 14618 (AMAZON-AES)
5 30 8.28.7.83 62713 (AS-PUBMATIC)
2 4 198.148.27.131 19189 (PULSEPOINT)
5 5 74.119.119.150 19750 (AS-CRITEO)
1 1 3.225.231.138 14618 (AMAZON-AES)
2 2 50.57.31.206 19994 (RACKSPACE)
3 9 34.111.113.62 396982 (GOOGLE-CL...)
1 1 69.166.1.67 27630 (AS-XFERNET)
1 4 104.36.115.113 62713 (AS-PUBMATIC)
14 23 68.67.160.24 29990 (ASN-APPNEX)
15 15 35.211.178.172 19527 (GOOGLE-2)
2 2 172.240.127.128 7979 (SERVERS-COM)
2 2 35.207.24.140 15169 (GOOGLE)
1 3 52.223.22.214 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
14 23.50.125.215 16625 (AKAMAI-AS)
1 35.241.9.51 396982 (GOOGLE-CL...)
5 34.107.254.252 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2600:1408:c40... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
20 2600:1408:c40... 20940 (AKAMAI-ASN1)
12 15 63.251.28.234 13789 (INTERNAP-...)
2 2 8.43.72.98 26667 (RUBICONPR...)
3 3 199.38.167.131 54312 (ROCKETFUEL)
1 52.95.125.22 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
10 10 54.145.78.184 14618 (AMAZON-AES)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 18.204.254.22 14618 (AMAZON-AES)
2 2 52.2.49.56 14618 (AMAZON-AES)
1 1 2600:9000:201... 16509 (AMAZON-02)
1 1 2600:9000:207... 16509 (AMAZON-02)
1 13.225.195.23 16509 (AMAZON-02)
1 2 63.251.86.49 10913 (INTERNAP-BLK)
12 147.28.129.140 54825 (PACKET)
1 173.223.163.210 20940 (AKAMAI-ASN1)
2 2 54.165.249.28 14618 (AMAZON-AES)
3 3 185.167.164.39 198622 (ADFORM)
1 34.149.50.64 396982 (GOOGLE-CL...)
1 1 192.132.33.68 18568 (BIDTELLECT)
6 6 2620:112:f002... 6336 (TURN-US-ASN)
9 9 199.127.204.171 26120 (RHYTHMONE)
6 10 35.244.154.8 15169 (GOOGLE)
2 169.197.150.7 398989 (DEEPINTENT)
1 54.211.177.173 14618 (AMAZON-AES)
1 52.33.237.62 16509 (AMAZON-02)
4 4 207.198.113.89 13768 (COGECO-PEER1)
5 23.220.136.208 16625 (AKAMAI-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:24f... 16509 (AMAZON-02)
20 2606:4700::68... 13335 (CLOUDFLAR...)
4 173.0.146.5 7979 (SERVERS-COM)
9 96.46.186.186 7979 (SERVERS-COM)
3 145.40.89.32 54825 (PACKET)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 1 23.105.12.172 30633 (LEASEWEB-...)
5 5 8.28.7.82 62713 (AS-PUBMATIC)
1 1 188.166.17.21 14061 (DIGITALOC...)
5 6 151.101.2.49 54113 (FASTLY)
2 2 173.231.178.116 32475 (SINGLEHOP...)
1 1 2620:116:800b... 14618 (AMAZON-AES)
2 2 52.5.229.57 14618 (AMAZON-AES)
3 3 52.23.71.199 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 3.224.166.52 14618 (AMAZON-AES)
1 1 82.145.213.8 39832 (NO-OPERA)
3 4 64.202.112.159 23352 (SERVERCEN...)
1 40.76.134.238 8075 (MICROSOFT...)
2 2 35.194.66.159 396982 (GOOGLE-CL...)
1 2 8.28.7.84 62713 (AS-PUBMATIC)
2 2 2606:ae80:147... 25751 (VALUECLICK)
1 52.87.59.166 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
1 2607:f8b0:400... 15169 (GOOGLE)
12 96.46.186.182 7979 (SERVERS-COM)
3 3 63.251.86.50 32475 (SINGLEHOP...)
1 1 2600:1f16:e61... 16509 (AMAZON-02)
1 1 216.239.32.21 15169 (GOOGLE)
2 14 51.222.239.232 16276 (OVH)
1 1 52.71.26.24 14618 (AMAZON-AES)
1 2 80.77.87.166 46636 (NATCOWEB)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 208.115.232.150 46475 (LIMESTONE...)
2 2 74.121.140.211 30419 (MEDIAMATH...)
1 1 213.19.162.90 3356 (LEVEL3)
1 34.102.253.54 396982 (GOOGLE-CL...)
2 3 131.153.203.243 20454 (SSASN2)
1 2 131.153.242.59 19437 (SS-ASH)
2 2 5.161.204.250 213230 (HETZNER-C...)
1 1 35.227.252.103 15169 (GOOGLE)
1 4 37.157.6.254 198622 (ADFORM)
3 10 172.64.151.101 13335 (CLOUDFLAR...)
1 104.36.115.123 62713 (AS-PUBMATIC)
1 69.173.151.96 26667 (RUBICONPR...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.120.155.137 396982 (GOOGLE-CL...)
30 162.55.236.224 24940 (HETZNER-AS)
2 151.101.1.108 54113 (FASTLY)
2 162.248.18.34 62713 (AS-PUBMATIC)
4 162.19.138.116 16276 (OVH)
6 6 216.22.16.8 30633 (LEASEWEB-...)
4 4 104.22.69.131 13335 (CLOUDFLAR...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 35.214.232.91 15169 (GOOGLE)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 172.105.199.172 63949 (AKAMAI-LI...)
1 195.5.165.20 44968 (IPROM-AS)
1 23.88.86.2 24940 (HETZNER-AS)
2 2 104.112.34.49 16625 (AKAMAI-AS)
1 2 3.228.65.117 14618 (AMAZON-AES)
1 44.209.50.245 14618 (AMAZON-AES)
1 52.200.82.255 14618 (AMAZON-AES)
3 3 3.89.216.2 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
2 2 13.32.151.127 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
3 4 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
1 54.73.231.29 16509 (AMAZON-02)
648 144
Apex Domain
Subdomains
Transfer
83 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
pm-widget.taboola.com — Cisco Umbrella Rank: 3595
trc.taboola.com — Cisco Umbrella Rank: 705
ch-trc-events.taboola.com — Cisco Umbrella Rank: 3996
vidstat.taboola.com — Cisco Umbrella Rank: 3029
images.taboola.com — Cisco Umbrella Rank: 1923
sync.taboola.com — Cisco Umbrella Rank: 1322
sync-t1.taboola.com — Cisco Umbrella Rank: 1630
match.taboola.com — Cisco Umbrella Rank: 5178
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com — Cisco Umbrella Rank: 1933
imprchmp.taboola.com — Cisco Umbrella Rank: 5193
ch-match.taboola.com — Cisco Umbrella Rank: 5323
ch-vid-events.taboola.com — Cisco Umbrella Rank: 4931
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
wf.taboola.com — Cisco Umbrella Rank: 3148
vidanalytics.taboola.com — Cisco Umbrella Rank: 10191
ch-wf.taboola.com — Cisco Umbrella Rank: 5494
1 MB
67 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2300
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3172
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
254 KB
54 glbimg.com
s3.glbimg.com — Cisco Umbrella Rank: 63518
s2-valor.glbimg.com — Cisco Umbrella Rank: 458476
p.glbimg.com — Cisco Umbrella Rank: 97128
s.glbimg.com — Cisco Umbrella Rank: 70485
2 MB
49 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image6.pubmatic.com — Cisco Umbrella Rank: 823
ads.pubmatic.com — Cisco Umbrella Rank: 534
image2.pubmatic.com — Cisco Umbrella Rank: 924
image8.pubmatic.com — Cisco Umbrella Rank: 662
image4.pubmatic.com — Cisco Umbrella Rank: 1184
ow.pubmatic.com — Cisco Umbrella Rank: 1796
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
60 KB
45 aniview.com
vast.aniview.com — Cisco Umbrella Rank: 7056
player.aniview.com — Cisco Umbrella Rank: 1961
gov.aniview.com — Cisco Umbrella Rank: 4875
track1.aniview.com — Cisco Umbrella Rank: 2225
sync.aniview.com — Cisco Umbrella Rank: 1534
1 MB
34 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 3792
sync.richaudience.com — Cisco Umbrella Rank: 1851
16 KB
31 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
203 KB
25 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
acdn.adnxs.com — Cisco Umbrella Rank: 609
51 KB
25 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
us-u.openx.net — Cisco Umbrella Rank: 522
u.openx.net — Cisco Umbrella Rank: 659
rtb.openx.net — Cisco Umbrella Rank: 695
5 KB
21 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
8 KB
20 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
187 KB
19 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
53 KB
17 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8527
cdn.tinypass.com — Cisco Umbrella Rank: 6082
buy.tinypass.com — Cisco Umbrella Rank: 6577
396 KB
16 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
cdn.stickyadstv.com — Cisco Umbrella Rank: 5459
113 KB
15 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
assets.a-mo.net — Cisco Umbrella Rank: 1715
c3.a-mo.net — Cisco Umbrella Rank: 11393
11 KB
15 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
7 KB
15 globo.com
valor.globo.com — Cisco Umbrella Rank: 632547
barra.globo.com — Cisco Umbrella Rank: 105970
id.globo.com — Cisco Umbrella Rank: 165685
horizon-schemas.globo.com — Cisco Umbrella Rank: 57106
globo-mab.globo.com Failed
cocoon.globo.com — Cisco Umbrella Rank: 84468
horizon.globo.com — Cisco Umbrella Rank: 59399
globo-ab.globo.com — Cisco Umbrella Rank: 67889
horizon-track.globo.com — Cisco Umbrella Rank: 46494
usergate.globo.com — Cisco Umbrella Rank: 77822
182 KB
14 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
6 KB
14 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
dis.criteo.com — Cisco Umbrella Rank: 597
11 KB
11 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
api.rlcdn.com — Cisco Umbrella Rank: 957
idsync.rlcdn.com — Cisco Umbrella Rank: 415
2 KB
11 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
22 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
4 KB
11 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1611
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
sync.smartadserver.com — Cisco Umbrella Rank: 1330
4 KB
10 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1451
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
6 KB
10 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
5 KB
10 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
7 KB
9 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
2 KB
9 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1982
sync.mathtag.com — Cisco Umbrella Rank: 1372
10 KB
9 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 28178
usr.navdmp.com — Cisco Umbrella Rank: 33544
cdn.navdmp.com — Cisco Umbrella Rank: 7255
sync2.navdmp.com — Cisco Umbrella Rank: 55137
sync.navdmp.com — Cisco Umbrella Rank: 13151
12 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
370 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
d.turn.com — Cisco Umbrella Rank: 1384
3 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
cm.adform.net — Cisco Umbrella Rank: 1267
track.adform.net — Cisco Umbrella Rank: 4256
4 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 4992
p1cluster.cxense.com — Cisco Umbrella Rank: 9632
comcluster.cxense.com — Cisco Umbrella Rank: 4678
id.cxense.com — Cisco Umbrella Rank: 10459
82 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
1 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
4 KB
6 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2165
cdn.permutive.com — Cisco Umbrella Rank: 2904
108 KB
6 googlesyndication.com
038a2f0220674b4e8c9404adca5d27d5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
98 KB
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
119 KB
5 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com — Cisco Umbrella Rank: 683
3 KB
5 googleapis.com
gadasource.storage.googleapis.com — Cisco Umbrella Rank: 82300
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
153 KB
5 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9321
experiences.mrf.io — Cisco Umbrella Rank: 66022
flowcards.mrf.io — Cisco Umbrella Rank: 21213
57 KB
4 pippio.com
pippio.com — Cisco Umbrella Rank: 988
1 KB
4 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2822
2 KB
4 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
1 KB
4 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
954 B
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
2 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
3 KB
4 infoglobo.com.br
static.infoglobo.com.br — Cisco Umbrella Rank: 208521
81 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
2 KB
4 petametrics.com
cdn.petametrics.com — Cisco Umbrella Rank: 13674
query.petametrics.com — Cisco Umbrella Rank: 14383
55 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
2 KB
3 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3513
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
2 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
2 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
3 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
1 KB
3 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7374
2 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1585
mab.chartbeat.com — Cisco Umbrella Rank: 2550
25 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
creativecdn.com — Cisco Umbrella Rank: 592
2 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
13 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
75 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4223
onesignal.com — Cisco Umbrella Rank: 1433
73 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1352
685 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1767
1 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
cm.ctnsnet.com — Cisco Umbrella Rank: 4186
811 B
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2315
557 B
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1138
661 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4887
967 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
746 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1484
831 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1022 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4780
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
1013 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
610 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
2 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 886
sync1.intentiq.com — Cisco Umbrella Rank: 2801
2 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
540 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
814 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3211
635 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
69 KB
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1376
402 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
325 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
90 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727
script.hotjar.com — Cisco Umbrella Rank: 901
60 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
128 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
2 hubspotlinksstarter.com
d4jvmy04.na1.hubspotlinksstarter.com
4 KB
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2700
363 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 5792
405 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1749
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1180
359 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
277 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2603
436 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
225 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
674 B
1 rtb.mx
id.rtb.mx — Cisco Umbrella Rank: 4685
478 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
260 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
603 B
1 mdhv.io
jelly.mdhv.io — Cisco Umbrella Rank: 6988
200 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3766
595 B
1 gstatic.com
fonts.gstatic.com
33 KB
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1218
288 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4024
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
555 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
594 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
3 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
386 B
1 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 1901
327 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 826
353 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1735
285 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
648 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
557 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
281 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
517 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5472
4 KB
1 prmutv.co
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co — Cisco Umbrella Rank: 134174
396 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
646 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1589
276 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1122
536 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
372 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
860 B
1 permutive.app
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app — Cisco Umbrella Rank: 81898
277 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7597
3 KB
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 758
339 B
1 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 63384
11 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
186 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4524
795 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 ivcbrasil.org.br Failed
ivccf.ivcbrasil.org.br Failed
648 139
Domain Requested by
37 s3.glbimg.com valor.globo.com
s3.glbimg.com
p.glbimg.com
s.glbimg.com
barra.globo.com
www.googletagmanager.com
d4jvmy04.na1.hubspotlinksstarter.com
buy.tinypass.com
30 sync.richaudience.com d4jvmy04.na1.hubspotlinksstarter.com
sync.richaudience.com
ssum-sec.casalemedia.com
us-u.openx.net
ads.pubmatic.com
28 pixel.rubiconproject.com 14 redirects valor.globo.com
onetag-sys.com
21 ib.adnxs.com 12 redirects d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
valor.globo.com
player.aniview.com
acdn.adnxs.com
21 simage2.pubmatic.com 4 redirects valor.globo.com
ads.pubmatic.com
20 cdnjs.cloudflare.com buy.tinypass.com
20 cm.g.doubleclick.net 14 redirects google-bidout-d.openx.net
valor.globo.com
onetag-sys.com
19 us-u.openx.net 4 redirects google-bidout-d.openx.net
sync.richaudience.com
ads.pubmatic.com
us-u.openx.net
18 id5-sync.com 9 redirects cdn.id5-sync.com
player.aniview.com
sync.richaudience.com
15 player.aniview.com vidstat.taboola.com
d4jvmy04.na1.hubspotlinksstarter.com
15 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
15 ads.stickyadstv.com 12 redirects vidstat.taboola.com
valor.globo.com
cdn.stickyadstv.com
15 x.bidswitch.net 15 redirects
15 sync.taboola.com 2 redirects valor.globo.com
ch-match.taboola.com
imprchmp.taboola.com
ads.pubmatic.com
15 images.taboola.com valor.globo.com
15 cdn.taboola.com d4jvmy04.na1.hubspotlinksstarter.com
cdn.taboola.com
client
valor.globo.com
14 onetag-sys.com 2 redirects d4jvmy04.na1.hubspotlinksstarter.com
onetag-sys.com
ads.pubmatic.com
14 eus.rubiconproject.com ch-match.taboola.com
imprchmp.taboola.com
eus.rubiconproject.com
ads.rubiconproject.com
d4jvmy04.na1.hubspotlinksstarter.com
sync.richaudience.com
13 token.rubiconproject.com 6 redirects eus.rubiconproject.com
valor.globo.com
sync.richaudience.com
13 ups.analytics.yahoo.com 8 redirects valor.globo.com
assets.a-mo.net
us-u.openx.net
12 sync.aniview.com d4jvmy04.na1.hubspotlinksstarter.com
onetag-sys.com
valor.globo.com
ads.pubmatic.com
12 prebid.a-mo.net valor.globo.com
d4jvmy04.na1.hubspotlinksstarter.com
11 ch-trc-events.taboola.com cdn.taboola.com
valor.globo.com
11 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
valor.globo.com
11 match.adsrvr.org 11 redirects
10 match.prod.bidr.io 10 redirects
10 s2-valor.glbimg.com valor.globo.com
s3.glbimg.com
10 securepubads.g.doubleclick.net valor.globo.com
securepubads.g.doubleclick.net
d4jvmy04.na1.hubspotlinksstarter.com
www.googletagservices.com
s3.glbimg.com
9 image2.pubmatic.com 1 redirects ads.pubmatic.com
9 track1.aniview.com valor.globo.com
player.aniview.com
9 pixel.tapad.com 3 redirects valor.globo.com
ads.pubmatic.com
us-u.openx.net
9 s.amazon-adsystem.com 2 redirects google-bidout-d.openx.net
valor.globo.com
ads.pubmatic.com
onetag-sys.com
ssum-sec.casalemedia.com
8 www.googletagmanager.com s3.glbimg.com
www.googletagmanager.com
7 pr-bh.ybp.yahoo.com 5 redirects google-bidout-d.openx.net
ads.pubmatic.com
7 pixel.mathtag.com 1 redirects d4jvmy04.na1.hubspotlinksstarter.com
pixel.mathtag.com
valor.globo.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 idsync.rlcdn.com 2 redirects ssum-sec.casalemedia.com
us-u.openx.net
6 sync.smartadserver.com 6 redirects
6 sync-tm.everesttech.net 5 redirects ads.pubmatic.com
6 sync.1rx.io 6 redirects
6 ad.turn.com 6 redirects
6 s.glbimg.com valor.globo.com
s.glbimg.com
6 cdn.ampproject.org valor.globo.com
cdn.ampproject.org
5 image8.pubmatic.com 5 redirects
5 ads.pubmatic.com ch-match.taboola.com
ads.pubmatic.com
d4jvmy04.na1.hubspotlinksstarter.com
sync.richaudience.com
5 vast.aniview.com vidstat.taboola.com
5 api.permutive.com d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
5 sync-t1.taboola.com valor.globo.com
ch-match.taboola.com
5 dis.criteo.com 5 redirects
5 gum.criteo.com 2 redirects static.criteo.net
cdn.taboola.com
4 pippio.com 3 redirects valor.globo.com
4 csync.smilewanted.com 4 redirects
4 lb.eu-1-id5-sync.com player.aniview.com
4 id.hadron.ad.gt player.aniview.com
4 shb.richaudience.com player.aniview.com
4 secure-assets.rubiconproject.com 4 redirects
4 b1sync.zemanta.com 3 redirects ads.pubmatic.com
4 gov.aniview.com player.aniview.com
4 pixel-sync.sitescout.com 4 redirects
4 id.rlcdn.com 4 redirects
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 bh.contextweb.com 2 redirects valor.globo.com
d4jvmy04.na1.hubspotlinksstarter.com
4 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
4 static.infoglobo.com.br www.googletagmanager.com
static.infoglobo.com.br
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
4 sb.scorecardresearch.com 2 redirects valor.globo.com
4 cocoon.globo.com s.glbimg.com
3 i.liadm.com 3 redirects
3 track.adform.net sync.richaudience.com
3 id.a-mx.com 2 redirects valor.globo.com
3 ap.lijit.com 3 redirects
3 pm.w55c.net 3 redirects
3 sync.targeting.unrulymedia.com 3 redirects
3 c1.adform.net 3 redirects
3 p.rfihub.com 3 redirects
3 fonts.googleapis.com cdn.taboola.com
buy.tinypass.com
3 eb2.3lift.com 1 redirects valor.globo.com
ads.pubmatic.com
3 trc.taboola.com cdn.taboola.com
valor.globo.com
3 events.newsroom.bi sdk.mrf.io
3 horizon-track.globo.com s3.glbimg.com
3 mug.criteo.com valor.globo.com
3 tag.navdmp.com d4jvmy04.na1.hubspotlinksstarter.com
tag.navdmp.com
s3.glbimg.com
3 sdk.mrf.io d4jvmy04.na1.hubspotlinksstarter.com
sdk.mrf.io
3 query.petametrics.com valor.globo.com
3 static.criteo.net securepubads.g.doubleclick.net
ads.rubiconproject.com
static.criteo.net
2 ch-wf.taboola.com vidstat.taboola.com
2 creativecdn.com 2 redirects
2 live.rezync.com 2 redirects
2 thrtle.com 1 redirects ads.pubmatic.com
2 px.owneriq.net 2 redirects
2 ssum-sec.casalemedia.com sync.richaudience.com
ssum-sec.casalemedia.com
2 simage4.pubmatic.com ads.pubmatic.com
2 acdn.adnxs.com d4jvmy04.na1.hubspotlinksstarter.com
2 ssum.casalemedia.com 2 redirects
2 sync-dmp.mobtrakk.com 2 redirects
2 ssbsync-global.smartadserver.com 2 redirects
2 sync.mathtag.com 2 redirects
2 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
2 cs.admanmedia.com 1 redirects d4jvmy04.na1.hubspotlinksstarter.com
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 cm.adgrx.com 2 redirects
2 match.deepintent.com valor.globo.com
ads.pubmatic.com
2 secure.adnxs.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 ce.lijit.com 1 redirects valor.globo.com
2 sync.ipredictive.com 2 redirects
2 capi.connatix.com 1 redirects valor.globo.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 ch-vid-events.taboola.com valor.globo.com
vidstat.taboola.com
2 ch-match.taboola.com vidstat.taboola.com
2 u.openx.net 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 uipglob.semasio.net 2 redirects
2 ih.adscale.de 2 redirects
2 www.youtube.com sdk.mrf.io
www.youtube.com
2 prebid-a.rubiconproject.com ads.rubiconproject.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 ping.chartbeat.net valor.globo.com
2 cdn.navdmp.com tag.navdmp.com
2 usr.navdmp.com tag.navdmp.com
2 www.google.com securepubads.g.doubleclick.net
valor.globo.com
2 static.chartbeat.com d4jvmy04.na1.hubspotlinksstarter.com
2 connect.facebook.net d4jvmy04.na1.hubspotlinksstarter.com
connect.facebook.net
2 www.googletagservices.com securepubads.g.doubleclick.net
2 oajs.openx.net 1 redirects valor.globo.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
valor.globo.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
ads.rubiconproject.com
2 cdn.onesignal.com valor.globo.com
cdn.onesignal.com
2 valor.globo.com d4jvmy04.na1.hubspotlinksstarter.com
valor.globo.com
2 d4jvmy04.na1.hubspotlinksstarter.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com valor.globo.com
1 tags.rd.linksynergy.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 d.turn.com 1 redirects
1 sync.bfmio.com ads.pubmatic.com
1 crb.kargo.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 ums.acuityplatform.com 1 redirects
1 id.rtb.mx assets.a-mo.net
1 api.rlcdn.com player.aniview.com
1 prebid-server.rubiconproject.com valor.globo.com
1 ow.pubmatic.com valor.globo.com
1 cm.adform.net 1 redirects
1 rtb.openx.net 1 redirects
1 c3.a-mo.net 1 redirects
1 ads.playground.xyz onetag-sys.com
1 pixel-eu.rubiconproject.com 1 redirects
1 vidanalytics.taboola.com cdn.taboola.com
1 ssp.disqus.com 1 redirects
1 jelly.mdhv.io 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 fonts.gstatic.com fonts.googleapis.com
1 rtb.adentifi.com ads.pubmatic.com
1 us01.z.antigena.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cms.quantserve.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 p1cluster.cxense.com cdn.cxense.com
1 flowcards.mrf.io valor.globo.com
1 cdn.stickyadstv.com vidstat.taboola.com
cdn.stickyadstv.com
1 visitor.omnitagjs.com valor.globo.com
1 cs.minutemedia-prebid.com valor.globo.com
1 bttrack.com 1 redirects
1 s.seedtag.com valor.globo.com
1 hb.yahoo.net valor.globo.com
1 sync1.intentiq.com valor.globo.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 match.sharethrough.com valor.globo.com
1 px.ads.linkedin.com valor.globo.com
1 aax-eu.amazon-adsystem.com valor.globo.com
1 wf.taboola.com vidstat.taboola.com
1 c2.piano.io cdn.tinypass.com
1 vidstatb.taboola.com valor.globo.com
1 imasdk.googleapis.com s3.glbimg.com
1 cdn.permutive.com d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
1 d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
1 imprchmp.taboola.com vidstat.taboola.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cds.taboola.com cdn.taboola.com
1 pagead2.googlesyndication.com www.googletagservices.com
1 pips.taboola.com cdn.taboola.com
1 cdn.tinypass.com experience.tinypass.com
1 match.taboola.com valor.globo.com
1 sync.go.sonobi.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 jadserve.postrelease.com valor.globo.com
1 trace.mediago.io 1 redirects
1 ssbsync.smartadserver.com valor.globo.com
1 tg.socdm.com 1 redirects
1 d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app s3.glbimg.com
1 www.npttech.com static.infoglobo.com.br
1 beacon.krxd.net tag.navdmp.com
1 usergate.globo.com s3.glbimg.com
1 tags.t.tailtarget.com s3.glbimg.com
1 experience.tinypass.com static.infoglobo.com.br
1 www.facebook.com valor.globo.com
1 experiences.mrf.io sdk.mrf.io
1 mab.chartbeat.com static.chartbeat.com
1 cms.analytics.yahoo.com 1 redirects
1 sync.navdmp.com valor.globo.com
1 sync2.navdmp.com valor.globo.com
1 globo-ab.globo.com p.glbimg.com
1 script.hotjar.com static.hotjar.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 gadasource.storage.googleapis.com d4jvmy04.na1.hubspotlinksstarter.com
1 static.hotjar.com d4jvmy04.na1.hubspotlinksstarter.com
1 horizon.globo.com valor.globo.com
1 horizon-schemas.globo.com s3.glbimg.com
1 prg.smartadserver.com ads.rubiconproject.com
1 bidder.criteo.com ads.rubiconproject.com
1 fastlane.rubiconproject.com ads.rubiconproject.com
1 038a2f0220674b4e8c9404adca5d27d5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 id.globo.com 1 redirects
1 cdn.petametrics.com valor.globo.com
1 ads.rubiconproject.com s3.glbimg.com
1 onesignal.com cdn.onesignal.com
1 p.glbimg.com valor.globo.com
1 barra.globo.com valor.globo.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 ivccf.ivcbrasil.org.br Failed valor.globo.com
0 globo-mab.globo.com Failed s3.glbimg.com
648 245
Subject Issuer Validity Valid
hubspotlinksstarter.com
Cloudflare Inc ECC CA-3
2023-04-17 -
2024-04-16
a year crt.sh
valor.globo.com
R3
2023-11-17 -
2024-02-15
3 months crt.sh
s3.glbimg.com
RapidSSL TLS RSA CA G1
2023-05-02 -
2024-05-02
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-03 -
2024-05-02
a year crt.sh
barra.globo.com
RapidSSL TLS RSA CA G1
2023-05-15 -
2024-05-15
a year crt.sh
*.glbimg.com
RapidSSL TLS RSA CA G1
2023-05-11 -
2024-05-10
a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
cdn.petametrics.com
R3
2023-11-18 -
2024-02-16
3 months crt.sh
cdn.prod.uidapi.com
R3
2023-11-02 -
2024-01-31
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-09-25 -
2023-12-24
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-10-24 -
2024-01-22
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
horizon-schemas.globo.com
RapidSSL TLS RSA CA G1
2023-03-15 -
2024-03-15
a year crt.sh
*.liftigniter.com
R3
2023-10-09 -
2024-01-07
3 months crt.sh
cocoon.globo.com
RapidSSL TLS RSA CA G1
2023-09-07 -
2024-09-07
a year crt.sh
*.id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
horizon.globo.com
RapidSSL TLS RSA CA G1
2023-09-25 -
2024-09-25
a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-08-28 -
2023-11-26
3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-07 -
2024-05-07
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
static.infoglobo.com.br
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-01-30 -
2024-01-29
a year crt.sh
*.storage.googleapis.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1
2023-05-16 -
2024-06-06
a year crt.sh
esp.rtbhouse.com
GTS CA 1D4
2023-11-08 -
2024-02-06
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-29 -
2024-02-21
6 months crt.sh
globo-ab.globo.com
R3
2023-10-08 -
2024-01-06
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
horizon-track.globo.com
RapidSSL TLS RSA CA G1
2023-09-26 -
2024-09-26
a year crt.sh
ssl03.cert.cl11.k8s.mrf.io
R3
2023-11-16 -
2024-02-14
3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2022-12-19 -
2023-12-30
a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-08-09
a year crt.sh
usergate.globo.com
RapidSSL TLS RSA CA G1
2023-04-24 -
2024-04-23
a year crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-12
a year crt.sh
npttech.com
GTS CA 1P5
2023-10-30 -
2024-01-28
3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3
2023-11-06 -
2024-02-04
3 months crt.sh
*.postrelease.com
Amazon RSA 2048 M02
2023-10-27 -
2024-11-23
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-10 -
2024-05-09
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.prmutv.co
R3
2023-09-01 -
2023-11-30
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
api.permutive.com
R3
2023-10-15 -
2024-01-13
3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3
2023-01-26 -
2024-01-25
a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-13
a year crt.sh
piano.io
Cloudflare Inc ECC CA-3
2023-03-27 -
2024-03-26
a year crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1
2023-09-11 -
2024-09-11
a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-05-19
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-06-21 -
2024-03-02
8 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-11-30 -
2024-01-01
a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-09 -
2024-02-09
a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-11 -
2024-09-11
a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02
2023-03-31 -
2024-04-28
a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-16 -
2024-09-05
a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA
2023-04-03 -
2024-04-02
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
adentifi.com
Amazon RSA 2048 M01
2023-07-06 -
2024-08-03
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.a-mo.net
R3
2023-11-07 -
2024-02-05
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2
2023-04-20 -
2024-05-21
a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-02-27 -
2024-02-26
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
id.a-mx.com
Sectigo RSA Domain Validation Secure Server CA
2023-10-12 -
2024-11-10
a year crt.sh
*.eu-1-id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-25 -
2024-06-18
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-13 -
2024-11-10
a year crt.sh
*.iprom.net
R3
2023-11-13 -
2024-02-11
3 months crt.sh
truffle.bid
R3
2023-10-24 -
2024-01-22
3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01
2022-11-10 -
2023-12-09
a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02
2023-03-17 -
2024-04-14
a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-18 -
2024-09-17
a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02
2023-02-09 -
2024-02-13
a year crt.sh

This page contains 92 frames:

Primary Page: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Frame ID: FE16203C25BD144B9585C3953CD13780
Requests: 272 HTTP requests in this frame

Frame: https://valor.globo.com/login-callback.ghtml
Frame ID: 74F38132A1A1FACBD08BC21C2BA48039
Requests: 2 HTTP requests in this frame

Frame: https://038a2f0220674b4e8c9404adca5d27d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2A3026C27EA72B89711DB22A30F54BB
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-M7TMHTJ
Frame ID: 2BE3CFEE8B8CFECBE15A37DF957E015A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvO08dE01xqOLNOcMP2P3LDwS0tyT7UWWJ2SmgID7JoTP2M5HNHyfUEFU5TCSG4q0Wr1CmJPyuRAYWd89pHXcp1qfxrDzeW73MUSLHLHfgBhRZozJyMzwxvHJ3xDF2UYXBInwV7lVOmSyJQF5P8oM64w3XUmplplk0PsGPKy55l3CC0MB1sQGs6aMYvM8Oo8ZY5t9WRqBykBYhoU-vIu9ImtqPffa05RSGuCxWXG3FlprnRF9jxCLL-Q7xatvk_ODjBUv4KPeT5lsfKS4IxMqewLW8Tw3xKACpY4P0UZH5Xofl44BuaEn4RykLhXNbfJJewOHr8otLlf9g8lTYggIDVIujEfznCvB8yQ9kY3TgUoVVngqwWv14TAvVb3h4&sai=AMfl-YQQR0Go7AX2fVtqAcYkSk9Nabz03J_VVQHKflUz_xdQukI_a3pQ8B6gg_Y4R4W4ZQ-WZqOxAUE6oQCupYuIGnlZ4DOwHGiz2UY8j4wx1duSCXMsf1jfEYUpbvhRNnCr7RqOwVwpP3OHyijpGN0OSey-&sig=Cg0ArKJSzOmlaU5laziHEAE&uach_m=[UACH]&adurl=
Frame ID: F235AE804A171E116F4AA8480915284E
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=valor.globo.com
Frame ID: 053369D68921358FA9E54F2078ADC500
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-M7TMHTJ&restrictions=&gtm.url=https%3A%2F%2Fvalor.globo.com%2F
Frame ID: E286855EA029B2B1B8B1B16CFE410415
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-M7TMHTJ&restrictions=&gtm.url=https%3A%2F%2Fvalor.globo.com%2F
Frame ID: E1B4BE086CDB09BD8FE1AA9FD3D66924
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A70593E0BC537D565C3C0EF455DB2825
Requests: 6 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=fe226559-c52a-4300-b170-b415135d8eeb&no_iframe=1&mt_adid=225031&source=mathtag
Frame ID: 8A5BD6BDDE96A10F0C8B576B4EB463C7
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6dZmFQlP4I2cah_o8hema8LSquX2wmw-ngzKGDsJ84kvRozlxxK10oM3fuluMNwvrvEP-41giCXJt5bRE5TKL1VD1UhnDfAP4DODlmvdVOeNwGIo1aFa1M-k_l_K99sRnvltcYWvLAf-DePJdXcggAOTD8jurZMD3ZccvuABfKyJLwTmVxfgqixiafaDPFIY6KbklpyI32rwBFi14uug7vTzi1iQ9kTJBqNNHmOTlLnKvm26U4FzNhdFOVUehW6DxSVI40D2BZvDDW_qIvrqK_D6PVIG2PRbGqmH9Kb9nQwof16NcjtkRoz5kmgzzZKzb2aAEsfIyKTk4z80T797DGD4ALXDpFJD8y0Hpm5ZkrFCYzl6cOxOxhhnHAsg&sai=AMfl-YQXF0WqRMSir6T84pzhs9X7twok8Vq9g_9LK_0-tqGAwuiW30LA_3I5Pam1SvSeSIO-5pV39kj2cEFmD9cn8B1qHvpHJ8aDfNVXWi6Gr7tDtJho31hIX-ssj4UNsX4&sig=Cg0ArKJSzCWjZW51j1mXEAE&uach_m=[UACH]&adurl=
Frame ID: 601ABB4839FA3811C3A415F84E7EF8B5
Requests: 8 HTTP requests in this frame

Frame: https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=3
Frame ID: F4225F94F7197B6F5C9812966E5281A3
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZVnFLMCo8YQAAPcmuAcAAAAA
Frame ID: DBFDD36B70CAFF990BD6DAA5CF666A72
Requests: 17 HTTP requests in this frame

Frame: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&cmcv=&pix=undefined&cb=1700381995641&uv=3358&tms=1700381995641&abt=adxsub-out_vA!adxsub-out_vB!ufm!uftchrwf_vC!unf_vC&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5328e3c4-f502-4979-a2ef-0b64c6a219b8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: EC9A38CCD1FB3C98F3676FAA56681903
Requests: 3 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 9542780E3D55F302D4FC3DA9DE0BA803
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: 7BFF791557F0974EF97B112BFE7FA731
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: 8CDD00C2DD1CFFA27D797A0CDA48746B
Requests: 19 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 9DBBA6B3CDE4188F15BA1CA715D67B33
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: C96B47D6AEA200C4DF94E9D60E0C8BE5
Requests: 26 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Frame ID: E121B6DC316F04BE9DA5EAC664D953E5
Requests: 20 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Frame ID: DD6514692D2B615F409DD1A14D1B2E58
Requests: 20 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 7C4F7F4E6DEC769A4F6BE4D8B750C76F
Requests: 4 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Frame ID: F0F7E84615C3BC7359357165259D08DA
Requests: 17 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Frame ID: FF486C5C333425B030CF0242D4D79198
Requests: 19 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Frame ID: 52A5B0D5F8761E51A5D8869B8A3C6A71
Requests: 9 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Frame ID: 06EB9D771B806CD04C78A8832D30AB7F
Requests: 19 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Frame ID: 357E046D30D47A0225A891D283A11640
Requests: 18 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 18FFBA8A55985D0FF3FC75C8A058E7B1
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&redir=true&gdpr=0&gdpr_consent=
Frame ID: 0E627BF00B2D535B2256342BC93AFF95
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1226190852069536688&gdpr=0&gdpr_consent=
Frame ID: C6A13850F6CE99E9A1FC9B50EA7204C7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4a444a71-d342-45f7-b0da-e4e76d5e271d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: F82763C448C67C9526F6233910B8D879
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVnFLgAAwxOjbgBH
Frame ID: 7D417A1EE1E511147120C3968372DCDE
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 74B2AE47E7FF952332FAD104631A35FD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=6da3eec0-86b4-11ee-92b2-1fe6ff30cd25
Frame ID: C062128356615DD2F15EA6E40D87E514
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eIKzpS2CtPlj1L-sK4ar_niC5Klj0bOuLIQvgFhS
Frame ID: DDA6AE8B8A5E6FE71F3DC088872F8C58
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 95B54E38A20953CE271EF0CBD97416D1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033169764266234
Frame ID: 75C398A94B4A9BB5908459A69B015984
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ERMWsRJhXKxxAxmZYZY3DEYZ_7o&gdpr=0&gdpr_consent=
Frame ID: D7C36F46D2CB905EDDC9827A13F8A8D5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3oaS0WqC1R4D265&gdpr=0&gdpr_consent=
Frame ID: D4ABCEABAF9EF84EE2943AB53EC3A737
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 9D1E3C14BD369A91B4C15EFF4E22AE90
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Frame ID: 08F5AB348E4F82973A43C5FDD8DA9BF3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 529B6BA13EA46738DF2DFF67A022CD55
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7f32106bf5d4441a8d8abd8d9e875207
Frame ID: BD22FE2719829A0B3BA09A31E2543D64
Requests: 1 HTTP requests in this frame

Frame: https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Frame ID: 509D8C3D50F668351F054462A71F5363
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 4BAA164A1915A5CB5B6449494DBA1B5B
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=0&taboola_hm=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&orig=video&us_privacy=1---
Frame ID: 84C2C5579A1208A19B5C875670F7CC93
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AA64E17EE132DD80CF0C79EE809155BD
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D1%26key%3D
Frame ID: 11611BBAAFD32694AAFDE5AEFAAE8208
Requests: 6 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-aCsD72ZE2uKwOAygv4btypZcP_n4mA9t~A&gdpr_in_effect=0
Frame ID: 60121B8200BB73913B1A2909001AA02C
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=200&key=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005
Frame ID: 3013745D9DBA9814E36CD3EC8D884DD2
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=18&key=HrmzhQZHj9hnad-STX6DT5p8
Frame ID: 44E0BF92B0492AC7987677A9125888AD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 7A233CC1A05C5FA3782CB08A152C9536
Requests: 4 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D
Frame ID: 6B511EF61ED8484E5D2754A17766AA85
Requests: 21 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=209bc32bc2ac8f31366d2dd71d31d3&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: DBD70A308F56BB12B7E88561D57DFD7C
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?pid=561914&ev=1&us_privacy=$
Frame ID: 0BCEA19D41332B53B41A1BFAC5FF5046
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 5225368D6C861999D53E353C384AEC3C
Requests: 15 HTTP requests in this frame

Frame: https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-16988f62-f6c6-362e-a0c4-1687522162ab&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xNjk4OGY2Mi1mNmM2LTM2MmUtYTBjNC0xNjg3NTIyMTYyYWIQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNzAwMzgxOTk4MzM4LTE3MjAyOTIwNTA3MC0wMDA2NzYtMDEwLTAwNTE0NiZiaWRkZXJuYW1lPTUyJmtleT11YS0xNjk4OGY2Mi1mNmM2LTM2MmUtYTBjNC0xNjg3NTIyMTYyYWIyAhgfOAE=&gdpr=&gdpr_consent=
Frame ID: 066B5CEACB6646A39154318EFBF09210
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1700381998034-172029210077-000611-009-006207&biddername=23&key=6c5ba71e-e7e2-4fc1-be5c-ccb1edc0fd03
Frame ID: D0A1C9BE82EAEEDD3762C2F309F0016B
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1700381998034-172029210077-000611-009-006207&biddername=55&key=1226190852069536688
Frame ID: 4A09F2A58A1B2D0A9F1BB301C8B5C270
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1700381998341-172027074059-000843-013-006362&biddername=10&pid=59c9148628a0612da3689288&key=mlf7oMpyiuvU&ev=1&us_privacy=1---&pid=562704
Frame ID: 915ED38491074486E311E8A24E26A2EE
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2936275069
Frame ID: 4FD27C19AE13B14FFBACEEFF6FEDE06C
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AA6ED4A2DDC5D2CA40602530CD04ED2D
Requests: 3 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=566725208
Frame ID: 93DBCC3E4FE2D84FDA2AC99E91342659
Requests: 6 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6888385888
Frame ID: 8B8345AD301D64CB5DBD8EA5E43DD3E5
Requests: 6 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2850261077
Frame ID: 1BA51F88BE3A305B4A8C278F5F924620
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7846C3617CB1A659332371E16D394FAF
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Frame ID: 42FA74238C173AFC03773EB4D44F6B5A
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Frame ID: AB35B225B04BBB6057A28D9CB1427D3B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Frame ID: D8C52E5EB8C1E6500A28439A69DD9E98
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Frame ID: A2A473A40E431131BD5A7466BDF91E3B
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Frame ID: C40E11880EA0735D3034C69EF29914E0
Requests: 10 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Frame ID: 64E23E6CC1C7923AF74282934A91ACA1
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Frame ID: 3069483763531B22DC14390587956F00
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Frame ID: A52121D673D4E03A327C332D8E604A6E
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Frame ID: B6C2C34DEF4513B04B73CC8CF2BDBA61
Requests: 8 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=854172919370
Frame ID: 0F4323F521989066B9316B11B0D068DF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 51A862A5A8A00E59D650272117918809
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: C011DDE3AD532E1B7D66EDF549D82A0F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Frame ID: 3E794E38E1200C860D54B091259C0006
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HdVbeLARDSaqK9F9MsVZZQ
Frame ID: 75AA8C205CFD17FE59CFF095BF16E2EF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005
Frame ID: 7EF7FAEDA46E734C88B3229E0347B83D
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 0AB0BC7E55BEAB3A791EBD840834C7EE
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 1360082C273AA4690859DDD0DBC14FFB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Frame ID: 26434D8F3E17C4334CDCDF3F56C5390A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7536684011275270728
Frame ID: 09E653A8A661C34EA2DAFF7979AF910A
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=0&taboola_hm=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&orig=video&us_privacy=1---
Frame ID: 3ABA7BE12CC357B9D4A6AA52D4E37468
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=1&key=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Frame ID: 46F33CB725291FC6F0073D96622B716D
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Frame ID: 906983741E5F343E50DE4A67D7D917B5
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Frame ID: 5D53DC69F8CD4834FA3F8CBBC5DB532C
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Frame ID: A360EE7DCB9E8F5D9F767A078F64ED2A
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Frame ID: 4CE1B40C6A312409DFF0B72BDF20E612
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=1&key=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Frame ID: 6F5DBD867D3912B7B0BE2639EF524648
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Receita exige IRRF sobre direitos creditórios | Legislação | Valor EconômicoGroup CopyGroup 5 CopyGroup 13 CopyGroup 5 Copy 2Group 6 Copy

Page URL History Show full URLs

  1. https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_... Page URL
  2. https://d4jvmy04.na1.hubspotlinksstarter.com/events/public/v1/encoded/track/tc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW... HTTP 307
    https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

648
Requests

77 %
HTTPS

27 %
IPv6

139
Domains

245
Subdomains

144
IPs

14
Countries

7490 kB
Transfer

23761 kB
Size

363
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404 Page URL
  2. https://d4jvmy04.na1.hubspotlinksstarter.com/events/public/v1/encoded/track/tc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404?_ud=ef3c2625-45be-4d45-9844-bd44010f2998&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=valor%40globoid-connect&redirect_uri=https%3A%2F%2Fvalor.globo.com%2Flogin-callback.ghtml&state=c9e42e81-89e4-4315-8493-2314c3163903&response_mode=fragment&response_type=code&scope=openid&nonce=199f1656-ef60-4a1e-9cfa-5d99333fd072&prompt=none&code_challenge=aFvyyvNzkms1BNsPqCkpZLH-zeWAa-znHXrVkAJI9P4&code_challenge_method=S256 HTTP 302
  • https://valor.globo.com/login-callback.ghtml
Request Chain 83
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&rid=esp&cc=1
Request Chain 93
  • https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 95
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1700381993081&ns_c=UTF-8&c8=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%20%7C%20Legisla%C3%A7%C3%A3o%20%7C%20Valor%20Econ%C3%B4mico&c7=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&c9= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1700381993081&ns_c=UTF-8&c8=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%20%7C%20Legisla%C3%A7%C3%A3o%20%7C%20Valor%20Econ%C3%B4mico&c7=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&c9=
Request Chain 125
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=valor.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=73y3t3xTQlIvTHFSZnQrNTBld00zUFdtVUN2SFBHN0J1MlBpcmRtZUhnSHlrZEZ3K0VyaVVJcWovSWRDQU9keU5xV3FtS2VoQ1FXclc0L3hXR213aGNTaHZncXA1czZQcmNqczRldjVkVG9HUVBCZXF3V2tycCtOdHdjWDhUK2VLU216cWxNa0MyWEZ2aVJwckV0R05HS24yTUdoYVdiM2N2aDJ6c3lxb1QyTFQ3UmdPWHZBZTRZbXhzOTVLSzdMSlRsaXUrK1hvaDhQNmtSa3o2bEJ6OU13c2Y3SnAzck5HSk5HRUVUVHBTbDhHLzZMSHNaMld0VmpEdjZ1MW1PYlFtemk0QVU4ZjZDTDc2ZVBobCtiZWxuZDZ0dz09fA&cppv=2
Request Chain 132
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=680f43c9-f379-c027-2b31-fb3b01a51fd1 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=680f43c9-f379-c027-2b31-fb3b01a51fd1&dcc=t
Request Chain 133
  • https://match.adsrvr.org/track/cmf/openx?oxid=30d93fb4-efd3-7bdd-eb3f-79ac6996d431&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=30d93fb4-efd3-7bdd-eb3f-79ac6996d431&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a902f120-5231-4d73-bf4d-b35c5110e8f0&ttd_puid=30d93fb4-efd3-7bdd-eb3f-79ac6996d431&gdpr=0&gdpr_consent=
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECXKohvMNvuy_oxWNNiQeEM&google_cver=1
Request Chain 151
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=84459534948 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=84459534948&google_gid=CAESEMI8o4HY13r0zh5XRS7WrJw&google_cver=1
Request Chain 152
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=fe226559-c52a-4300-b170-b415135d8eeb
Request Chain 153
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Request Chain 212
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZVnFLMCo8YQAAPcmuAcAAAAA
Request Chain 213
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=9911a809bd264a848d1571c9e98f21ca HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=9911a809bd264a848d1571c9e98f21ca
Request Chain 215
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP57JAYC-21-7NJN
Request Chain 216
  • https://trace.mediago.io/ju/cs/taboola HTTP 302
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1b7de7e8fc0c48492gttf900lp57jd2x
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEMcwGElTEYjgICD8s_I_1kM&google_cver=1
Request Chain 220
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa
Request Chain 221
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a902f120-5231-4d73-bf4d-b35c5110e8f0
Request Chain 223
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8c555a98-0f5a-4eab-b702-853c1da88aac&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 224
  • https://id5-sync.com/s/464/9.gif?puid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F6%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/6/2.gif?puid=u_09202f15-366e-4fe3-9aab-4802ddfbd89e&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/5/3.gif?puid=B15F63C19F3A171F&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/4/4.gif?puid=566c06e1-5ef0-4571-90a4-d38b649d97c6&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=a902f120-5231-4d73-bf4d-b35c5110e8f0&ttl=%%TTL%% HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/464/434/2/6.gif?puid=23654a88-16f7-4171-9ec0-35f1dab47de3&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F1%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/1/7.gif?puid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/0/8.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/0/8.gif?puid=1226190852069536688&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-3dc49VhND7ObvzVLuuPvi6zyVn_Augu4CEDPTwZKGw
Request Chain 225
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-7727404523825955925 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=64c94da1-7249-5343-9f35-6a97fa6cafba&ssp=taboola&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 226
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e92716a1-90a5-454d-aeae-7252ed358333 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e92716a1-90a5-454d-aeae-7252ed358333&tbid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&query=taboola_hm%3De92716a1-90a5-454d-aeae-7252ed358333&isDirect=0
Request Chain 227
  • https://eb2.3lift.com/xuid?mid=7772&xuid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 228
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=b7e3dc97-05d2-4a8a-9991-782ac8eb7085
Request Chain 260
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qT.7L75E2oQIXucQFUylNPirxXDQ2F3QtSIjbw--~A
Request Chain 261
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-ikkEvp5E2uEad8DJTQvsnhzNscwO.BcY~A&gdpr_in_effect=0
Request Chain 264
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qT.7L75E2oQIXucQFUylNPirxXDQ2F3QtSIjbw--~A
Request Chain 265
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-ikkEvp5E2uEad8DJTQvsnhzNscwO.BcY~A&gdpr_in_effect=0
Request Chain 297
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LP57JAYC-21-7NJN HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Request Chain 298
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=970033169764266234&expires=30&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 299
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fappnexus-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1--- HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync-t1.taboola.com%252Fsg%252Fappnexus-network%252F1%252Frtb-h%252F%253Forig%253Dvideo%2526taboola_hm%253D%2524UID%2526us_privacy%253D1--- HTTP 302
  • https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=1226190852069536688&us_privacy=1---
Request Chain 300
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2E4ZmI3NWI4YWIyZDEyM2U5NWQzZGRmY2Q3ZjU0OTBiYzBhY2NlYQ&gdpr=0&us_privacy=1---
Request Chain 302
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/VhWrY2XscUzfqXZQrqDpBcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DEJFPXtE2oJdhy1kwWehdPTv987b_Mh9yrzclg--~A
Request Chain 303
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA1N0pBWUMtMjEtN05KTg==&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEMFfGa0Kol6ALBULXOKjRxo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA1N0pBWUMtMjEtN05KTg==&google_push=&gdpr=0
Request Chain 304
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=&expires=30
Request Chain 305
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=s7ZoN7VcRZGwEK-tZVEx2g&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=s7ZoN7VcRZGwEK-tZVEx2g&gdpr=0
Request Chain 306
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Request Chain 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LP57JAYC-21-7NJN&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDbfS54rWAygX1OsuDmLOS4&google_cver=1
Request Chain 309
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1--- HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGSDE7Ks4oAABbcxTk8jg&expires=30&gdpr=0
Request Chain 310
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Request Chain 311
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP57JAYC-21-7NJN&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP57JAYC-21-7NJN&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---&final=true
Request Chain 312
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Request Chain 313
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Request Chain 314
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=24ce2dbc-1c16-44eb-807b-e68ec5abc847&expires=30&gdpr=0&us_privacy=1---
Request Chain 315
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&us_privacy=1--- HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1--- HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP57JAYC-21-7NJN HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP57JAYC-21-7NJN&ckls=true&ci=TqVH7FXZzS&nc=false&trid=1727497006
Request Chain 318
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---&dnr=1
Request Chain 319
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Request Chain 320
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP57JAYC-21-7NJN&redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP57JAYC-21-7NJN&gdpr=0&redir=true&us_privacy=1--- HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS01Y3pQRGg1RTJ1RTZwbUdtN2UzdXdsRFBmb0FUcDM1SH5B&gdpr=0&ovsid=LP57JAYC-21-7NJN&dpid=58160&us_privacy=1---
Request Chain 321
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ERMWsRJhXKxxAxmZYZY3DEYZ_7o
Request Chain 322
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1164&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=383984206483609004
Request Chain 323
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=8c555a98-0f5a-4eab-b702-853c1da88aac&gdpr=0&us_privacy=1---
Request Chain 324
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0&us_privacy=1--- HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Request Chain 325
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=666d506a-1afa-4f63-b682-fe4f55c55681
Request Chain 326
  • https://ad.turn.com/r/cs?pid=6&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3252457447538295465&expires=60&gdpr=0&gdpr_consent=
Request Chain 327
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=1226190852069536688&expires=30&gdpr=0&us_privacy=1---
Request Chain 328
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1700381997502&us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-dacc658d-55c3-4b1a-9a35-5253d202203c-005%26expires%3D30%26us_privacy%3D1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005&expires=30&us_privacy=1---
Request Chain 329
  • https://id.rlcdn.com/709414.gif?gdpr=0&us_privacy=1--- HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 331
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0&us_privacy=1--- HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Request Chain 332
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&us_privacy=1--- HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LP57JAYC-21-7NJN&name=RUBICON&gdpr=0&us_privacy=1---
Request Chain 333
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&expires=360&gdpr=0&gdpr_consent=
Request Chain 438
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1226190852069536688&gdpr=0&gdpr_consent=
Request Chain 439
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHU0RFN0tzNG9BQUJiY3hUazhqZw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAGSDE7Ks4oAABbcxTk8jg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAGSDE7Ks4oAABbcxTk8jg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGSDE7Ks4oAABbcxTk8jg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGSDE7Ks4oAABbcxTk8jg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=4056922767116350335&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGSDE7Ks4oAABbcxTk8jg&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4a444a71-d342-45f7-b0da-e4e76d5e271d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 440
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVnFLgAAwxOjbgBH
Request Chain 442
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=6da3eec0-86b4-11ee-92b2-1fe6ff30cd25
Request Chain 443
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eIKzpS2CtPlj1L-sK4ar_niC5Klj0bOuLIQvgFhS
Request Chain 444
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=545b3837-950e-48e4-b9be-658159de0d16&ssp=pubmatic&expires=30&user_group=5&bsw_param=30b13ab7-dbc6-4eff-9e07-01119cc841d7 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 445
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033169764266234
Request Chain 446
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ERMWsRJhXKxxAxmZYZY3DEYZ_7o&gdpr=0&gdpr_consent=
Request Chain 447
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3oaS0WqC1R4D265&gdpr=0&gdpr_consent=
Request Chain 448
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 449
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=0e0eb4c1-8555-4774-b7c3-a6ca69f23c90&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Request Chain 450
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 451
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7f32106bf5d4441a8d8abd8d9e875207
Request Chain 452
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/pubmatic/?gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2 HTTP 302
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2?gdpr=0 HTTP 301
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Request Chain 455
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I_hYH6epRvaQol9cQ8i_xg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 456
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=566c06e1-5ef0-4571-90a4-d38b649d97c6%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a902f120-5231-4d73-bf4d-b35c5110e8f0&ttd_puid=566c06e1-5ef0-4571-90a4-d38b649d97c6%2C%2C
Request Chain 459
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjNGODU4MUYtQTdBOS00NkY2LTkwQTItNUY1QzQzQzhCRkM2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 460
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIJEAS_A1pYzdESKXUd07aE&google_cver=1
Request Chain 461
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:80F0BBA4FA7E41C0BC939AA6389B762B
Request Chain 462
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=
Request Chain 463
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4YZZTSNE2uVLPh_PKwKWxJBwyxrX0cc-~A&gdpr=0
Request Chain 465
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1f17ccb7c1bb0619&is_secure=true&networkId=17100&version=1&nuid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABuI__FtQzKAMwEgy6AAAAAAA&expiration=1700468399&nuid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 466
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=24ce2dbc-1c16-44eb-807b-e68ec5abc847&gdpr=0&gdpr_consent=
Request Chain 468
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10C61F92B_BCE4BBAD&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 469
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&gdpr=0&gdpr_consent=
Request Chain 470
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 471
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=383984206483609004
Request Chain 478
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=209bc32bc2ac8f31366d2dd71d31d3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo1a91_7304785265137932464&gdpr=0&gdpr_consent=null HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MjA5YmMzMmJjMmFjOGYzMTM2NmQyZGQ3MWQzMWQz&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPZK1Gww-8lTLldA5rxFFJg&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/209bc32bc2ac8f31366d2dd71d31d3?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-p_aXMMNE2oMYvaR1_jxmNXeTtn8Ud_fS.0YkBGqj~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=1226190852069536688&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=3302076&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=24ce2dbc-1c16-44eb-807b-e68ec5abc847 HTTP 302
  • https://jelly.mdhv.io/v4/pixie HTTP 307
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=d1532e90-dcf1-41f5-b54f-9f3b2bccd218 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=${TM_USER_ID}&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=ZVnFLgAAwxOjbgBH&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1595%26userId%3D%24%7BUID%7D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1595&userId=0907b07b-564c-4834-80b3-b9b9e8cd16bc HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1580%26userId%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1580&userId=4115979473928357364007
Request Chain 484
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvalor.globo.com%2F&domain=valor.globo.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=gBZEt3xPSGxIRXQrbHBLUDY2VXJqbXpKQ2hqVmIxOEdhMGtOZEZaOEhIb2g4eldjTFU2YzdyNTZvSkw5N090Z2RFcjdBWUU4Mlk0M2NYWFVGNEFoOEdhMEU4Q2hXR2tucm82ZVgwcTFEaEVwQVVtc2luYWJuSzBiQ2toeVBaK3VCakZvK1VQOXl2Z2lQdFhzWVRCOTg1MzZOOG94Z2s4SGhEU2lPU05KVWkvQ2NHQmFlZjR0Vkc1dUhWNG5mQnlrYnBIeWpZbmZrZC9kbGFVVGZuV1ZWRGoxdVBlZFlJQ3RmZENPM1h6QzZIOC9iT3oxMGpSNWpxdkhXRnBaSUZiemNUOUpncVNOSVVQQjVHbzZJakJXS1Z3MXRUY3pxUE5UblIvWlNDbDhqR1R0N3V6QT18&cppv=2
Request Chain 489
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MjA5YmMzMmJjMmFjOGYzMTM2NmQyZGQ3MWQzMWQz&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 490
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=209bc32bc2ac8f31366d2dd71d31d3&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 492
  • https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-aCsD72ZE2uKwOAygv4btypZcP_n4mA9t~A&gdpr_in_effect=0
Request Chain 493
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8965314470 HTTP 302
  • https://sync.1rx.io/usersync/turn/3252457447538295465?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D200%26key%3DRX-dacc658d-55c3-4b1a-9a35-5253d202203c-005 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=200&key=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005
Request Chain 494
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D18%26key%3D%24UID HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=18&key=HrmzhQZHj9hnad-STX6DT5p8
Request Chain 495
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 497
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=209bc32bc2ac8f31366d2dd71d31d3&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 498
  • https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=209bc32bc2ac8f31366d2dd71d31d3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo0447_7304785265137813118&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAGSDE7Ks4oAABbcxTk8jg&dataProviderId=817&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/209bc32bc2ac8f31366d2dd71d31d3?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-p_aXMMNE2oMYvaR1_jxmNXeTtn8Ud_fS.0YkBGqj~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=3oaS0WqC1R4D265&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=1226190852069536688&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://jelly.mdhv.io/v4/pixie?gdpr=0&gdpr_consent= HTTP 307
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=956b232c-0cc2-4a57-8e0b-bf320c0bb356 HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=561914&ev=1&us_privacy=$
Request Chain 500
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D52%26key%3DBUYERUID HTTP 302
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-16988f62-f6c6-362e-a0c4-1687522162ab&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xNjk4OGY2Mi1mNmM2LTM2MmUtYTBjNC0xNjg3NTIyMTYyYWIQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNzAwMzgxOTk4MzM4LTE3MjAyOTIwNTA3MC0wMDA2NzYtMDEwLTAwNTE0NiZiaWRkZXJuYW1lPTUyJmtleT11YS0xNjk4OGY2Mi1mNmM2LTM2MmUtYTBjNC0xNjg3NTIyMTYyYWIyAhgfOAE=&gdpr=&gdpr_consent=
Request Chain 510
  • https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998034-172029210077-000611-009-006207%26biddername%3D23%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1700381998034-172029210077-000611-009-006207&biddername=23&key=6c5ba71e-e7e2-4fc1-be5c-ccb1edc0fd03
Request Chain 511
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998034-172029210077-000611-009-006207%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1700381998034-172029210077-000611-009-006207&biddername=55&key=1226190852069536688
Request Chain 515
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=fe226559-c52a-4300-b170-b415135d8eeb&gdpr=0&gdpr_consent=
Request Chain 516
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LP57JAYC-21-7NJN&gdpr=0
Request Chain 517
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1226190852069536688
Request Chain 518
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=209bc32bc2ac8f31366d2dd71d31d3&gdpr_consent=&gdpr=0
Request Chain 520
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-aqQIflJBUAeCknS6Wbm5Qaxe_St8l_QA
Request Chain 521
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=4056922767116350335
Request Chain 522
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Cza82SB5vLzQT_1QcYbTXznQHeSik_5akZzXYL0VVBk
Request Chain 523
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 524
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELivHTjvXqXdK2QHziIRerY&google_cver=1
Request Chain 525
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-dGz74A9E2uGfpcM3CRIR9iVZdu1nLTDl4rgHK2M-~A
Request Chain 526
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=
Request Chain 527
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-7dTBVGlE2pmWz1PYrON.aXVGMZUbaNz0TaGJKA--~A&expires=5&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=&gdpr_consent=&us_privacy=
Request Chain 529
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998341-172027074059-000843-013-006362%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1700381998341-172027074059-000843-013-006362&biddername=10&pid=59c9148628a0612da3689288&key=mlf7oMpyiuvU&ev=1&us_privacy=1---&pid=562704
Request Chain 533
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&khaos=LP57JAYC-21-7NJN HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LP57JAYC-21-7NJN
Request Chain 541
  • https://id.a-mx.com/sync?tao=1&&do=valor.globo.com HTTP 302
  • https://c3.a-mo.net/b?uid=a06a08b8-54ec-4fe2-8d98-40e356e7ac18&sh=id.a-mx.com& HTTP 302
  • https://id.a-mx.com/set?oid=a06a08b8-54ec-4fe2-8d98-40e356e7ac18&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902&
Request Chain 543
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=b8526abd-30ea-4192-94e7-2c6f7deaa902&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=30b13ab7-dbc6-4eff-9e07-01119cc841d7 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=30b13ab7-dbc6-4eff-9e07-01119cc841d7&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=MzRlZGQzNzE1MDY2YjE5MA&gdpr=0&gdpr_consent=&us_privacy=1---&ssp=adaptmx&bsw_param=30b13ab7-dbc6-4eff-9e07-01119cc841d7 HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 544
  • https://ups.analytics.yahoo.com/ups/58570/occ?&gdpr=0&us_privacy=1---&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-dGz74A9E2uGfpcM3CRIR9iVZdu1nLTDl4rgHK2M-~A&gdpr=0
Request Chain 545
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Damx_com%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=amx_com&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902
Request Chain 546
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=openx&uid=0907b07b-564c-4834-80b3-b9b9e8cd16bc
Request Chain 547
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=adform&uid=383984206483609004
Request Chain 548
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=smartadserver&uid=4056922767116350335
Request Chain 549
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Db8526abd-30ea-4192-94e7-2c6f7deaa902%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dpubmatic%26uid%3D23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=pubmatic&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Request Chain 550
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&s=191503&us_privacy=1---&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=index_rtb&uid=ZVnFMMY0.-GtZegaNPpQrAAA%261384
Request Chain 551
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=sovrn&uid=HrmzhQZHj9hnad-STX6DT5p8
Request Chain 552
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=appnexus&uid=1226190852069536688
Request Chain 586
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Request Chain 587
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID HTTP 307
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HrmzhQZHj9hnad-STX6DT5p8
Request Chain 588
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/ HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/&cklb=1 HTTP 302
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=4056922767116350335
Request Chain 589
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=1226190852069536688&gdpr=0&gdpr_consent=
Request Chain 590
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=a902f120-5231-4d73-bf4d-b35c5110e8f0
Request Chain 591
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID HTTP 302
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=d4acb1d937222a5837ee72bd9fa80b7b
Request Chain 593
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Request Chain 594
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID HTTP 302
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=d0a86189e3414fbdc46cbde9551da18d
Request Chain 595
  • https://match.prod.bidr.io/cookie-sync/richaudience&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAGSDE7Ks4oAABbcxTk8jg
Request Chain 596
  • https://id5-sync.com/s/286/9.gif?puid=c54ac035-593a-4346-b594-0zz1700381999&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEC_R6Uk7utAV2FxlJ4gVVLQ&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEC_R6Uk7utAV2FxlJ4gVVLQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1226190852069536688&opid=apx&ops=&utidl=tech:goo:CAESEC_R6Uk7utAV2FxlJ4gVVLQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A54439845909&gdpr=0&gdpr_consent=&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-3dc49VhND7ObvzVLuuPvi6zyVn_Augu4CEDPTwZKGw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-3dc49VhND7ObvzVLuuPvi6zyVn_Augu4CEDPTwZKGw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/286/124/7/3.gif?puid=a44467ef-dd25-4451-baed-215ff6a239d0&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-3dc49VhND7ObvzVLuuPvi6zyVn_Augu4CEDPTwZKGw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F916%2F6%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/286/916/6/4.gif?puid=a44467ef-dd25-4451-baed-215ff6a239d0&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F821%2F5%2F5.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 307
  • https://id5-sync.com/c/286/821/5/5.gif?puid=5ef92594-467a-4058-a037-eaab902573d2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F104%2F4%2F6.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/104/4/6.gif?puid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F136%2F3%2F7.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/286/136/3/7.gif?puid=ZVnFLgAAwxOjbgBH&gdpr=0&gdpr_consent= HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=LP57JAYC-21-7NJN&gdpr=0
Request Chain 597
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=c54ac035-593a-4346-b594-0zz1700381999 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Drichaudience%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=richaudience&user_id=k-zDg8eHLzBWxexl5tU55l5r5f9eUN6EFePxpV0A&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&us_ps=
Request Chain 598
  • https://cs.admanmedia.com/94dcde452288200d4a351d837ab898ca.gif?puid=c54ac035-593a-4346-b594-0zz1700381999&redir=https%3A%2F%2Fsync.richaudience.com%2F28c494da87ff99969927ac34ba30adbe%2F%3Fuid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://sync.richaudience.com/28c494da87ff99969927ac34ba30adbe/?uid=da282d1f-7575-48d5-bbfc-5e3794a4f214
Request Chain 603
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Request Chain 604
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/ HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/&cklb=1 HTTP 302
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=4056922767116350335
Request Chain 605
  • https://id5-sync.com/s/286/9.gif?puid=c54ac035-593a-4346-b594-0zz1700381999&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/286/19/8/2.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/19/8/2.gif?puid=103a4eb2b48ab6d079714013a2e45a10&gdpr=0&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEC_R6Uk7utAV2FxlJ4gVVLQ&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEC_R6Uk7utAV2FxlJ4gVVLQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1226190852069536688&opid=apx&ops=&utidl=tech:goo:CAESEC_R6Uk7utAV2FxlJ4gVVLQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A54439845909&gdpr=0&gdpr_consent=&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY HTTP 302
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F821%2F6%2F4.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 307
  • https://id5-sync.com/c/286/821/6/4.gif?puid=5ef92594-467a-4058-a037-eaab902573d2&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-3dc49VhND7ObvzVLuuPvi6zyVn_Augu4CEDPTwZKGw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F916%2F5%2F5.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/286/916/5/5.gif?puid=a44467ef-dd25-4451-baed-215ff6a239d0&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F826%2F4%2F6.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341%26partner_url%3Dhttps%253A%252F%252Fid5-sync.com%252Fc%252F286%252F826%252F4%252F6.gif%253Fpuid%253Da41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F826%2F4%2F6.gif%3Fpuid%3Da41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/286/826/4/6.gif?puid=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F136%2F3%2F7.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/286/136/3/7.gif?puid=ZVnFLgAAwxOjbgBH&gdpr=0&gdpr_consent= HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
Request Chain 606
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID HTTP 302
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=a9e604654e5576fabc5eb47b9960a7a2
Request Chain 609
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/ HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/&cklb=1 HTTP 302
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=4056922767116350335
Request Chain 610
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=c54ac035-593a-4346-b594-0zz1700381999 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Drichaudience%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=richaudience&user_id=k-zDg8eHLzBWxexl5tU55l5r5f9eUN6EFePxpV0A&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&us_ps=
Request Chain 611
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID HTTP 302
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=8f2dba26f31170c22b63635a57d8ec51
Request Chain 612
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=854172919370
Request Chain 613
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 615
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fe226559-c52a-4300-b170-b415135d8eeb&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Request Chain 616
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HdVbeLARDSaqK9F9MsVZZQ
Request Chain 617
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8874850671 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a902f120-5231-4d73-bf4d-b35c5110e8f0 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-dacc658d-55c3-4b1a-9a35-5253d202203c-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005
Request Chain 620
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:80F0BBA4FA7E41C0BC939AA6389B762B&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Request Chain 621
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7536684011275270728&uid=Q7536684011275270728&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7536684011275270728
Request Chain 623
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&vxii_pid=12&vxii_pid1=10067&vxii_rcid=d302d3ed-0378-40e0-a01b-29c43ed58568
Request Chain 627
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVnFMMY0.-GtZegaNPpQrAAA%261384&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVnFMMY0.-GtZegaNPpQrAAA%261384&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8a6f98d1b20f4c81a08da7796064d9d7 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3252457447538295465 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=8a6f98d1-b20f-4c81-a08d-a7796064d9d7 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b344e16e-9701-4294-a0cf-f17917cc3712%3A1700382002.9722192&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db344e16e-9701-4294-a0cf-f17917cc3712%253A1700382002.9722192%26_%3D1700382002.974679&cb=1700382002.9747458 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=970033169764266234&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db344e16e-9701-4294-a0cf-f17917cc3712%253A1700382002.9722192%26_%3D1700382002.974679 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b344e16e-9701-4294-a0cf-f17917cc3712%3A1700382002.9722192&_=1700382002.974679 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1226190852069536688
Request Chain 628
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVnFMMY0-_GtZegaNPpQrAAABWgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEC_qL0GHNjJbpVIP2OxiBmE&google_cver=1
Request Chain 630
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVnFMMY0.-GtZegaNPpQrAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB3UMxoO_YJ1umBU4a_CnTc&google_cver=1&google_hm=2
Request Chain 631
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=313ad0d2f7434fadaf23b0d54669ccdc&expiration=1702974001
Request Chain 632
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZVnFLgAAwxOjbgBH
Request Chain 633
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGSDE7Ks4oAABbcxTk8jg&expiration=1701591601
Request Chain 634
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVnFMMY0.-GtZegaNPpQrAAA%261384 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVnFMMY0.-GtZegaNPpQrAAA%261384&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=K8uT7T76qPzi5L74PwEp6TiF3g3rG--bPTWaxFB8edw&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVnFMMY0.-GtZegaNPpQrAAA%261384&tc=1
Request Chain 639
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=651f40d2-2294-4dbd-b446-f95f500db5e9 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEAq9u51Yh0skfrkeLssVy4&google_cver=1
Request Chain 640
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1226190852069536688
Request Chain 641
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 642
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVnFLgAAwxOjbgBH
Request Chain 646
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=651f40d2-2294-4dbd-b446-f95f500db5e9 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ac6e9f22e8238f1861581d9cd41a6746b285b100e688d5fe4024fc64404cdb03791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhYzZlOWYyMmU4MjM4ZjE4NjE1ODFkOWNkNDFhNjc0NmIyODViMTAwZTY4OGQ1ZmU0MDI0ZmM2NDQwNGNkYjAzNzkxNDI2YjU0MTdkY2UyMRAAGgwIsYrnqgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhYzZlOWYyMmU4MjM4ZjE4NjE1ODFkOWNkNDFhNjc0NmIyODViMTAwZTY4OGQ1ZmU0MDI0ZmM2NDQwNGNkYjAzNzkxNDI2YjU0MTdkY2UyMRAAGgwIsYrnqgYSBAgCEABCAEoA&google_gid=CAESECYw-nbd0-fwsTqC1biBoMQ&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=ed566181-d73f-4acf-9d6c-4b77f3933c39
Request Chain 647
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1226190852069536688
Request Chain 648
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 649
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVnFLgAAwxOjbgBH
Request Chain 653
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=651f40d2-2294-4dbd-b446-f95f500db5e9 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=651f40d2-2294-4dbd-b446-f95f500db5e9
Request Chain 654
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1226190852069536688
Request Chain 655
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 656
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVnFLgAAwxOjbgBH
Request Chain 665
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr=0&gdpr_consent=&gdpr=0&khaos=LP57JAYC-21-7NJN HTTP 302
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LP57JAYC-21-7NJN&gdpr=0
Request Chain 678
  • https://idsync.rlcdn.com/712188.gif?partner_uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent= HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ac6e9f22e8238f1861581d9cd41a6746b285b100e688d5fe4024fc64404cdb03791426b5417dce21&_=2 HTTP 307
  • https://pippio.com/api/liveramp.com

648 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ...
d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/
8 KB
3 KB
Document
General
Full URL
https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
828707c3481136d1-YYZ
content-encoding
br
content-type
text/html;charset=utf-8
date
Sun, 19 Nov 2023 08:19:48 GMT
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-content-type-options
nosniff
x-envoy-upstream-service-time
4
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-85fc46d85f-42fqg
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
4fffe923-110a-4807-a4c6-743d35866654
x-request-id
4fffe923-110a-4807-a4c6-743d35866654
x-robots-tag
none
Primary Request receita-exige-irrf-sobre-direitos-creditorios.ghtml
valor.globo.com/legislacao/noticia/2023/09/14/
Redirect Chain
  • https://d4jvmy04.na1.hubspotlinksstarter.com/events/public/v1/encoded/track/tc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-...
  • https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9z...
635 KB
159 KB
Document
General
Full URL
https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.177.178 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
d4ed05f61d36bdb02fec1df443c9157fe21428f5075a159ff9abf4a4e32e0dd9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=10
content-encoding
gzip
content-length
161557
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 08:19:49 GMT
expires
Sun, 19 Nov 2023 08:19:59 GMT
http_x_forwarded_proto
https
show-page-version
0
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, Wall-Subscription-Level, Origin
via
2.0 CachOS
wall-blocked-session
0
wall-subscription-level
0
wall-usl-status
x-bip
18018516 cmad06lx29ca04.globoi.com
x-cache-status
MISS
x-content-type-options
nosniff
x-location-rule
show_services
x-mobile
desktop
x-request-id
8a1e74d6-660c-494a-9e33-ef223e6d8b2c
x-served-from
valor-router-gcp, Show Services GCP
x-thanos
0A80FC08
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
828707c488e936d1-YYZ
date
Sun, 19 Nov 2023 08:19:48 GMT
link
<https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email>; rel="canonical"
location
https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-content-type-options
nosniff
x-envoy-upstream-service-time
33
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-85fc46d85f-2nrz9
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
99b447f1-5fe2-4c22-bba9-1a465081c017
x-request-id
99b447f1-5fe2-4c22-bba9-1a465081c017
x-robots-tag
none
bold.woff2
s3.glbimg.com/cdn/fonts/opensans/
10 KB
11 KB
Font
General
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:50 GMT
x-openstack-request-id
txf3e418dbf6124199a3188-006515d57f
last-modified
Tue, 25 Jun 2019 17:35:22 GMT
x-thanos
0A8250E3
etag
8593a5a07cf620d4512fcb71cbcd07a6
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484121.35690
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10284
x-trans-id
txf3e418dbf6124199a3188-006515d57f
x-request-id
7c08aa20-dcf0-47b7-b7f9-d38b5acfe481
semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/
16 KB
16 KB
Font
General
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:50 GMT
x-openstack-request-id
tx45da8b1a41e74f8d9d4db-006478b8e4
last-modified
Tue, 25 Jun 2019 17:36:47 GMT
x-thanos
0A8250E3
etag
365c53275ca5dad1584b7e0bd3a46c1e
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484206.27623
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16172
x-trans-id
tx45da8b1a41e74f8d9d4db-006478b8e4
x-request-id
b9f9534a-6549-416e-8832-6df11485c24b
regular.woff2
s3.glbimg.com/cdn/fonts/opensans/
10 KB
11 KB
Font
General
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/regular.woff2
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:50 GMT
x-openstack-request-id
txac6045a9385449f48a08f-0064defe69
last-modified
Tue, 25 Jun 2019 17:36:35 GMT
x-thanos
0A8250E3
etag
4124088fdd8c315a6d096b65b6cbf428
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484194.26376
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10352
x-trans-id
txac6045a9385449f48a08f-0064defe69
x-request-id
aa7277fe-2538-4805-9d04-b5f60742bc8d
light.woff2
s3.glbimg.com/cdn/fonts/opensans/
10 KB
10 KB
Font
General
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/light.woff2
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:50 GMT
x-openstack-request-id
txbe231573545b46388b0af-006478b8e5
last-modified
Tue, 25 Jun 2019 17:36:08 GMT
x-thanos
0A8250E3
etag
98b6233d6ac91b3538d60fee0ce3393b
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484167.30297
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10200
x-trans-id
txbe231573545b46388b0af-006478b8e5
x-request-id
52e1a0e2-a700-4964-b690-e9ec784f6de3
v0.js
cdn.ampproject.org/
278 KB
73 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 19 Nov 2023 08:19:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73200
x-xss-protection
0
server
sffe
etag
"b209cac081bc437c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 19 Nov 2023 08:19:50 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
100 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00f656c08f93a334576cf9c57d9aa253151c89b32c1361757aeb2f670b77d8bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30912
x-xss-protection
0
server
cafe
etag
274 / 19680 / 31079658 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 08:19:50 GMT
lib-pub-relay-valor-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/valor/prod/
2 KB
1 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/valor/prod/lib-pub-relay-valor-latest.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e9b1a3ef8a88c12787fec313c22dd882e13a5e9f231200e912cc382a1fa351f8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:51 GMT
content-encoding
gzip
x-openstack-request-id
tx831ad5d982bf4e5c9fd7b-006559c4ce
last-modified
Fri, 18 Aug 2023 21:17:57 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
x-object-meta-mtime
1692392629.000000
content-type
application/javascript
x-timestamp
1692393476.17563
cache-control
public, max-age=180
x-trans-id
tx831ad5d982bf4e5c9fd7b-006559c4ce
x-request-id
1eccf11e-d378-40ad-8bcd-69b5275e81f0
amp-social-share-0.1.js
cdn.ampproject.org/v0/
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d231dab03e0f5f208538cec3a7809ccafe18021983a419c628ecda4b02fa5998
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 19 Nov 2023 08:19:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4733
x-xss-protection
0
server
sffe
etag
"2936ef8216ac27e2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 19 Nov 2023 08:19:50 GMT
amp-timeago-0.1.js
cdn.ampproject.org/v0/
37 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-timeago-0.1.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab84b1e93fa26d4f95c1beafb16864d68ed7baec6ccd02ec40537f901e5f1706
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 19 Nov 2023 08:19:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
sffe
etag
"50600fd585ae9f41"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 19 Nov 2023 08:19:50 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/v0/
7 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-fit-text-0.1.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c7dfa5469f6a802194f9a439c6da9d26fc09811a266fe73cb0676c27b3914a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 19 Nov 2023 08:19:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2512
x-xss-protection
0
server
sffe
etag
"62fc92e49c272418"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 19 Nov 2023 08:19:50 GMT
amp-bind-0.1.js
cdn.ampproject.org/v0/
50 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-bind-0.1.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7519a2072da56ecf3d5fb43f93b16ffa35bac03ac976f4ab12f5c963243bd17
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 19 Nov 2023 08:19:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16360
x-xss-protection
0
server
sffe
etag
"eebf4bb91960659f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 19 Nov 2023 08:19:50 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:50 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
411
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
828707d13b8736a4-YYZ
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 22 Nov 2023 08:19:50 GMT
barra-globocom.min.css
barra.globo.com/gl/ba/oidcprodutos/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-location-rule
barra-legado
date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
304740828 ah11 28 01
age
152
x-cache-status
HIT
x-goog-meta-x-goog-reserved-source-generation
1669739324870000
content-length
4317
x-xss-protection
1; mode=block
x-request-id
dc44cd64-577a-4223-acd9-5c8b6bd04df0
last-modified
Fri, 02 Jun 2023 19:14:58 GMT
x-thanos
0A837C05
etag
W/"c580509368f67b01edaa2d4f8057bbbe"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/css; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 19 Nov 2023 08:22:19 GMT
nao-barreira-desk-padrao-02.gif
s2-valor.glbimg.com/RPyrLbQt8ARBcShxsqECN4yJ48A=/600x0/filters:quality(70)/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/0/s/A7IuB5QAWZEEhzd1bPDw/
18 KB
18 KB
Image
General
Full URL
https://s2-valor.glbimg.com/RPyrLbQt8ARBcShxsqECN4yJ48A=/600x0/filters:quality(70)/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/0/s/A7IuB5QAWZEEhzd1bPDw/nao-barreira-desk-padrao-02.gif
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
60d56367b142a937632bd2a539e4ee374db577563956f470db4a83d579a8ea33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
via
2.0 CachOS
x-bip
980353199 ah19 37 01
age
23951
x-cache-server
thumbor/nginx-cache
content-length
18477
x-cached
HIT
x-request-id
135d17e6-6436-4d6d-a616-73cc2dbb319c
x-forwarded-host
s2-valor.glbimg.com
x-thanos
0A819C70
etag
"447dbc04a479f09289ad230d20a084b9cca71398"
vary
Origin, Accept
content-type
image/gif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Tue, 19 Dec 2023 00:09:42 GMT
bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/
220 KB
77 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
da417b10878ef530228ad8bf0950fbb2cb5471a51aea7491d508af71ba394f09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:51 GMT
content-encoding
gzip
x-openstack-request-id
txa3469d4856084997b5978-0065492323
last-modified
Tue, 08 Aug 2023 17:32:03 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1691515922.84841
cache-control
public, max-age=2592000
x-trans-id
txa3469d4856084997b5978-0065492323
x-request-id
a2f8908c-f107-4084-86d2-365a49a09d35
bee8b7eb-16a9-4ffd-bd6f-2aab824c5b7a.js
s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/valor/99ff4573-971d-43fa-9b73-c4a1a2ff27e6/
68 KB
17 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/valor/99ff4573-971d-43fa-9b73-c4a1a2ff27e6/bee8b7eb-16a9-4ffd-bd6f-2aab824c5b7a.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e4e03fbe66c13e33252842f0a6001c66bcfd1bb15f0f05bf101c8db63b5fe811

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:51 GMT
content-encoding
gzip
x-openstack-request-id
tx6e196bacafa44f1cbbba5-006559c4cf
last-modified
Tue, 12 Sep 2023 12:03:37 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1694520216.03986
cache-control
public, max-age=180
x-trans-id
tx6e196bacafa44f1cbbba5-006559c4cf
x-request-id
5de63d86-1ffe-422e-9bf4-9b6277e6d4f9
bee8b7eb-16a9-4ffd-bd6f-2aab824c5b7a.css
s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/valor/99ff4573-971d-43fa-9b73-c4a1a2ff27e6/
6 KB
3 KB
Stylesheet
General
Full URL
https://s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/valor/99ff4573-971d-43fa-9b73-c4a1a2ff27e6/bee8b7eb-16a9-4ffd-bd6f-2aab824c5b7a.css
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
509ef6cbf39ac9f7498c733a3b4699bfa113ff0ec1950f2d72245a52fc8039b6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:51 GMT
content-encoding
gzip
x-openstack-request-id
tx4fab7e3e1e454c048d79d-006559c505
last-modified
Tue, 12 Sep 2023 12:03:42 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
text/css; charset=utf-8
x-timestamp
1694520221.18005
cache-control
public, max-age=180
x-trans-id
tx4fab7e3e1e454c048d79d-006559c505
x-request-id
3108f608-f291-4447-8635-fd51c251ad42
api.min.js
p.glbimg.com/api/stable/
42 KB
13 KB
Script
General
Full URL
https://p.glbimg.com/api/stable/api.min.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
113242439 ah15 26 01
age
48714
x-cache-status
HIT
content-length
12654
x-xss-protection
1; mode=block
x-request-id
42db0058-2339-48bf-9e22-3ffb12453884
last-modified
Tue, 03 Jan 2023 00:49:51 GMT
x-thanos
0A83DC23
etag
W/"d82e539ab2fdc0f51354d1f15969ebbe"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 19 Nov 2023 18:47:57 GMT
lgpd-lib.min.css
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/
11 KB
2 KB
Stylesheet
General
Full URL
https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.css
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
507acc179bfa7c929b83831d028f83b5fa85a02c9426588657ece1da51ae6b43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:51 GMT
content-encoding
gzip
x-openstack-request-id
tx989e14c236514844b4727-006558fc2f
last-modified
Mon, 09 Jan 2023 17:51:24 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
text/css; charset=utf-8
x-timestamp
1673286683.73068
cache-control
public, max-age=86400
x-trans-id
tx989e14c236514844b4727-006558fc2f
x-request-id
effa5c40-14b1-4c6d-b6ff-7297d7a735c4
lgpd-lib.min.js
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/
46 KB
15 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
ec0d8435d5d30bc297e0b2db3f87fe8fc998b3440d56f33205e702c57a84443d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:51 GMT
content-encoding
gzip
x-openstack-request-id
tx7d80e46ac8da429b92e2b-006558fc31
last-modified
Mon, 09 Jan 2023 17:51:24 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
x-timestamp
1673286683.73565
cache-control
public, max-age=86400
x-trans-id
tx7d80e46ac8da429b92e2b-006558fc31
x-request-id
84ea9bfb-53df-4d76-b5aa-f65b87a3e850
jquery.min.js
s3.glbimg.com/cdn/libs/jquery/1.8.3/
91 KB
38 KB
Script
General
Full URL
https://s3.glbimg.com/cdn/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:50 GMT
content-encoding
gzip
x-openstack-request-id
tx3b5e4438bfa34d16942c9-006478b8eb
last-modified
Tue, 09 Oct 2018 19:06:54 GMT
x-thanos
0A8250E3
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1539112013.52960
cache-control
max-age=31536000
x-trans-id
tx3b5e4438bfa34d16942c9-006478b8eb
x-request-id
3151ec12-4c7b-4da7-992e-2cf26eab33a9
85725c46f1bcc1991d1953a008c08562.js
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/
229 KB
80 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/85725c46f1bcc1991d1953a008c08562.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
a2d3e48900f4680ad94aad4f198125d9a80ede15a94dec5a3f281b2780e52df2

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:50 GMT
content-encoding
gzip
x-openstack-request-id
tx3554a3494a0a492a9176e-006550ef33
content-length
80863
x-trans-id
tx3554a3494a0a492a9176e-006550ef33
x-request-id
1b178fa5-86ab-4166-94dc-1e0694774e3f
last-modified
Tue, 18 Jul 2023 01:13:08 GMT
x-thanos
0A8250E3
etag
d0e873827725b59440be81ca46884583
vary
Accept-Encoding, Origin
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp
1689642787.11824
cache-control
public, max-age=604800
accept-ranges
bytes
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:50 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
410
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
828707d20bf136a4-YYZ
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 22 Nov 2023 08:19:50 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/
430 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 22:06:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
36814
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 17 Nov 2024 22:06:16 GMT
web
onesignal.com/api/v1/sync/cf4e0bb8-93b1-4d47-bd50-261b56b26369/
5 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/cf4e0bb8-93b1-4d47-bd50-261b56b26369/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a5969fcbefd7da7544dab35d520874fc14d959a0b97b051b220e8fa18cda3a0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
fb91e835-e928-45b0-b5ee-9af83dd40acc
x-runtime
0.031104
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2a5969fcbefd7da7544dab35d520874f"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
828707d38cfc36a4-YYZ
access-control-allow-headers
SDK-Version
expires
Sun, 19 Nov 2023 09:19:51 GMT
lib-pub-core-valor-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/valor/prod/
54 KB
15 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/valor/prod/lib-pub-core-valor-latest.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/valor/prod/lib-pub-relay-valor-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
57837c8c9030b13099ca823a3ea80570b287ccb7d5d532ea0638e4ed847e27d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:51 GMT
content-encoding
gzip
x-openstack-request-id
tx7f624affb0df4a5a80b59-006559c493
last-modified
Fri, 20 Oct 2023 20:26:44 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
x-object-meta-mtime
1697833214.000000
content-type
application/javascript
x-timestamp
1697833603.59405
cache-control
public, max-age=180
x-trans-id
tx7f624affb0df4a5a80b59-006559c493
x-request-id
c1a9e949-dc2c-424c-acb3-7f10c1815d97
15688_valor.js
ads.rubiconproject.com/prebid/
392 KB
123 KB
Script
General
Full URL
https://ads.rubiconproject.com/prebid/15688_valor.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/valor/prod/lib-pub-core-valor-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.238.138 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-238-138.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
8c7b40ea1549e7fcc5ef244636575ead590880097216718b0ec6f30f3f42e18b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
last-modified
Sun, 19 Nov 2023 04:40:38 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
125762
expires
Sun, 19 Nov 2023 09:38:22 GMT
publicidade.css
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/css/prod/
4 KB
1 KB
Stylesheet
General
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/css/prod/publicidade.css
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/valor/prod/lib-pub-core-valor-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
x-openstack-request-id
tx4bf3152dfb1f48e0b4d04-006559c4e3
last-modified
Wed, 13 Sep 2023 18:42:19 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1694630538.09953
cache-control
public, max-age=180
x-trans-id
tx4bf3152dfb1f48e0b4d04-006559c4e3
x-request-id
9f50e110-287a-405b-a443-8dcca30b8e8f
bold.woff
s3.glbimg.com/cdn/fonts/coranto/
46 KB
47 KB
Font
General
Full URL
https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
b4cabad8f7acd53a124327c82d6f16ad3eb6bed29b3b181d79bc712884ab66a5

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
x-openstack-request-id
txae0d08940dfe444f8f867-006478b8e4
last-modified
Tue, 25 Jun 2019 17:33:39 GMT
x-thanos
0A8250E3
etag
31bf9d7a6da93a57475aa153e0768781
vary
Accept-Encoding, Origin
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484018.71580
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
47459
x-trans-id
txae0d08940dfe444f8f867-006478b8e4
x-request-id
08250a1f-47f8-4fe9-8acd-dfc62da86b6d
coranto-bold.otf
s3.glbimg.com/cdn/fonts/coranto/
102 KB
102 KB
Font
General
Full URL
https://s3.glbimg.com/cdn/fonts/coranto/coranto-bold.otf
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
8114ac25e02b6f5f0284f77adbc83eac75b3cd437f7c36df800043cec4c2a6bd

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
x-openstack-request-id
tx5d93ac0780e9441f9a557-006478b8e3
last-modified
Tue, 25 Jun 2019 17:33:44 GMT
x-thanos
0A8250E3
etag
2a089579b6059b851d1cc022b5149cfe
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484023.21732
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
104028
x-trans-id
tx5d93ac0780e9441f9a557-006478b8e3
x-request-id
8eea4410-fd50-4c42-ae1c-4fdcd30d8b45
2v84n8g15c1895dv.js
cdn.petametrics.com/
188 KB
54 KB
Script
General
Full URL
https://cdn.petametrics.com/2v84n8g15c1895dv.js?ts=472328
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3d5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7beb23c181a7b6a3f061c95e1ee46960073d3cc8381bbf780e686b5c230f6ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
via
1.1 3bff6c700d376f51ba81ef57dc2bd6e6.cloudfront.net (CloudFront)
x-amz-version-id
k5Y5eESBLhtrQICGRqNQp.qjFqlwOcPT
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C2
age
97981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 16 Nov 2023 21:16:06 GMT
server
cloudflare
etag
W/"beff1b8c21b8d8643577900debf24748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=691200, s-maxage=31536000
cf-ray
828707df584b5419-YYZ
x-amz-cf-id
WqSERuqrAeqZNnPdrjrBo5V9lKI8a3njVCyHnleqFwPWhqvMIOQYfw==
truncated
/
727 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
738 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
foto14leg-201-julga-e1.jpg
s2-valor.glbimg.com/gd4cEJykG5-mdbkL1cUiGjzRyjU=/1000x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/R/Q/hJLkszQyaTJTmSOyPGkA/
92 KB
92 KB
Image
General
Full URL
https://s2-valor.glbimg.com/gd4cEJykG5-mdbkL1cUiGjzRyjU=/1000x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/R/Q/hJLkszQyaTJTmSOyPGkA/foto14leg-201-julga-e1.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
afb2910cd48baced09fe077e4d1235f420a5d54e3ea77d3486dab47808a1c7fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
via
2.0 CachOS
x-bip
958691175 ah19 37 01
age
0
x-cache-server
thumbor/nginx-cache
content-length
94092
x-cached
MISS
x-request-id
f40eee53-93bb-4e57-91d3-cd06982b7e83
x-forwarded-host
s2-valor.glbimg.com
x-thanos
0A819C70
etag
"c5d26e8ef3c0b75f01cd14c0b834dc7a8c879304"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Tue, 19 Dec 2023 08:19:52 GMT
taylor.jpg
s2-valor.glbimg.com/fdwQvLaSmtU5w-zvoa3B7S8hs6g=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/w/X/9Ux0G5S1KMKd64pr2pog/
14 KB
14 KB
Image
General
Full URL
https://s2-valor.glbimg.com/fdwQvLaSmtU5w-zvoa3B7S8hs6g=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/w/X/9Ux0G5S1KMKd64pr2pog/taylor.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
4019c21d0548b6f800bb18b07e02dbd423cb1735d243e910d14a734ce9953f8c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
via
2.0 CachOS
x-bip
979185672 ah19 37 01
age
48176
x-cache-server
thumbor/nginx-cache
content-length
13876
x-cached
HIT
x-request-id
6a3ca1dd-7510-49b1-bad8-bc259ef4b391
x-forwarded-host
s2-valor.glbimg.com
x-thanos
0A819C70
etag
"f51c551e46454f0e579c7e0102d792c752f224aa"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Mon, 18 Dec 2023 18:49:54 GMT
maca-20tombada-20epagri.jpg
s2-valor.glbimg.com/nM0qaxuOhvx0JZMt3OVzXvHQ93o=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/f/e/GOzALyRK2rL9TxQZhjGA/
56 KB
56 KB
Image
General
Full URL
https://s2-valor.glbimg.com/nM0qaxuOhvx0JZMt3OVzXvHQ93o=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/f/e/GOzALyRK2rL9TxQZhjGA/maca-20tombada-20epagri.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
736f6b52673d572c60fbe1bd2adb990616435bccb1768c320d273a617e97e48e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
via
2.0 CachOS
x-bip
979446957 ah19 37 01
age
25538
x-cache-server
thumbor/nginx-cache
content-length
56854
x-cached
HIT
x-request-id
ec6336d3-8b10-4817-902b-58ed757ea510
x-forwarded-host
s2-valor.glbimg.com
x-thanos
0A819C70
etag
"7cf922c57e1cabe67f389c1be49d66eed495f110"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Tue, 19 Dec 2023 01:01:55 GMT
102998977-ri-20rio-20de-20janeio-20rj-2011-05-2023-20companhia-20light-20pede-20recupera-c3-a7-c3-a3o-20judicial-20fotos-20de-20arquivo.jpg
s2-valor.glbimg.com/8EVPq7hipnasDH8EN3O7CGiDOWc=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/R/2/s459NVSzqdS7uTDO75HA/
37 KB
38 KB
Image
General
Full URL
https://s2-valor.glbimg.com/8EVPq7hipnasDH8EN3O7CGiDOWc=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/R/2/s459NVSzqdS7uTDO75HA/102998977-ri-20rio-20de-20janeio-20rj-2011-05-2023-20companhia-20light-20pede-20recupera-c3-a7-c3-a3o-20judicial-20fotos-20de-20arquivo.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
fcb60d1bf016f82cffdb924d90fb89f2fbb6688e366fabf4020035b9adc7d923

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
via
2.0 CachOS
x-bip
980092517 ah19 37 01
age
28244
x-cache-server
thumbor/nginx-cache
content-length
38242
x-cached
HIT
x-request-id
19b7d016-46aa-4cf6-82be-2a9f84c6d6fc
x-forwarded-host
s2-valor.glbimg.com
x-thanos
0A819C70
etag
"c303c23d8fa3ad20ccd9935e462ffff83d2a1f6d"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Tue, 19 Dec 2023 00:21:52 GMT
ap23314592223113.jpg
s2-valor.glbimg.com/mV5bpVXUHUtdQa4UM4PDd2XYD6Y=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/i/N/kTYzWaRfSb1GDrt0KuZA/
11 KB
11 KB
Image
General
Full URL
https://s2-valor.glbimg.com/mV5bpVXUHUtdQa4UM4PDd2XYD6Y=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/i/N/kTYzWaRfSb1GDrt0KuZA/ap23314592223113.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
0e3b0b57589510e2b8c48b06710b0c6d7701be2d6e011df6e3885f6d14e37b85

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
via
2.0 CachOS
x-bip
979705146 ah19 37 01
age
116584
x-cache-server
thumbor/nginx-cache
content-length
11304
x-cached
MISS
x-request-id
ad8b4762-18ca-4e97-aad2-982932de35ea
x-forwarded-host
s2-valor.glbimg.com
x-thanos
0A819C70
etag
"488ade8c71ae4e3c236cc1c622ce51a86fb7faee"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 17 Dec 2023 23:56:47 GMT
pexels-matheus-bertelli-16027811.jpg
s2-valor.glbimg.com/qX8Vq69Bkf6TdrlSTeCgRS5YqZs=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/O/7/SVjeA7Tli4VUOuBU5dvA/
9 KB
9 KB
Image
General
Full URL
https://s2-valor.glbimg.com/qX8Vq69Bkf6TdrlSTeCgRS5YqZs=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/O/7/SVjeA7Tli4VUOuBU5dvA/pexels-matheus-bertelli-16027811.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
5ce31c9e5bb3366c302a94cc52f911a6540e6bc97092a73007265edad789b700

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
via
2.0 CachOS
x-bip
975787221 ah19 37 01
age
454821
x-cache-server
thumbor/nginx-cache
content-length
8830
x-cached
MISS
x-request-id
81ba5af2-b137-4c0e-8984-0fc838c93ede
x-forwarded-host
s2-valor.glbimg.com
x-thanos
0A819C70
etag
"f54618eb71066043542e42b461a13fea592ac1bf"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 14 Dec 2023 01:59:31 GMT
bastian-20230853106938e97a07e2056f5ffed36520e9.rest.css
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/
31 KB
8 KB
Stylesheet
General
Full URL
https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-20230853106938e97a07e2056f5ffed36520e9.rest.css
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
71c61f2dfa7f304323163478fe9e1bc1cfe3910382a43142b55f61be5af8c670

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
x-openstack-request-id
tx2243b662929d4670939d9-00654b6a53
last-modified
Tue, 08 Aug 2023 17:32:01 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1691515920.59004
cache-control
public, max-age=2592000
x-trans-id
tx2243b662929d4670939d9-00654b6a53
x-request-id
c3b6138b-bd33-4031-a4ce-8738ab1e85f6
81235e3a80b7ac400d9b6ae79951cb9e.css
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/
4 KB
2 KB
Stylesheet
General
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/81235e3a80b7ac400d9b6ae79951cb9e.css
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
eccca3a8f1f0a223cb70c266eb49f81499a54e21424f54e495199d20cdbc44c2

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
x-openstack-request-id
tx4ab25e8126c34ad092ca4-0065523f7f
content-length
1411
x-trans-id
tx4ab25e8126c34ad092ca4-0065523f7f
x-request-id
22722b63-4633-4a18-aa14-caa913d1c229
last-modified
Mon, 23 Oct 2023 15:12:03 GMT
x-thanos
0A8250E3
etag
e2e2ae6b0e034da393bc3322d3be47af
vary
Accept-Encoding, Origin
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp
1698073922.69384
cache-control
public, max-age=604800
accept-ranges
bytes
barra-globocom.min.js
s.glbimg.com/gl/ba/js/
32 KB
11 KB
Script
General
Full URL
https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-location-rule
barra-legado
date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
114374662 ah15 26 01
age
175
x-cache-status
HIT
x-goog-meta-x-goog-reserved-source-generation
1669739323699742
content-length
10597
x-xss-protection
1; mode=block
x-request-id
73a4dd66-3cf3-431a-b6ff-c40f5033e97a
last-modified
Thu, 04 May 2023 18:56:23 GMT
x-thanos
0A83DC23
etag
W/"1af9514851ffe9f801c5468a9d1206ac"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 19 Nov 2023 08:21:57 GMT
login-callback.ghtml
valor.globo.com/ Frame 74F3
Redirect Chain
  • https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=valor%40globoid-connect&redirect_uri=https%3A%2F%2Fvalor.globo.com%2Flogin-callback.ghtml&state=c9e42e81-89e4-4315-...
  • https://valor.globo.com/login-callback.ghtml
345 B
861 B
Document
General
Full URL
https://valor.globo.com/login-callback.ghtml
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.177.178 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=10
content-encoding
gzip
content-length
244
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 08:19:54 GMT
expires
Sun, 19 Nov 2023 08:20:04 GMT
http_x_forwarded_proto
https
show-page-version
0
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, Wall-Subscription-Level
via
2.0 CachOS
wall-blocked-session
0
wall-subscription-level
0
wall-usl-status
x-bip
18373696 cmad06lx29ca04.globoi.com
x-cache-status
HIT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-location-rule
show_services
x-mobile
desktop
x-request-id
a3ec4d0b-5f68-48b4-9bc9-14226fbe0863
x-served-from
valor-router-gcp, Show Services GCP
x-thanos
0A80FC08
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since, framework_version_header, system_version_header, platform_header, app_id_header, access_header, globoid_connect_apikey
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, must-revalidate, max-age=0
content-length
0
date
Sun, 19 Nov 2023 08:19:54 GMT
location
https://valor.globo.com/login-callback.ghtml#error=login_required&state=c9e42e81-89e4-4315-8493-2314c3163903
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/
203 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b1ebb00d0ce17515cb7a55ebb6a4e6a859e04f992074e5adedc8790014d5db8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
204 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a1e3ed7601f81264b0b002d25bdbd9f93c3b34533a516d1d373f9ed74d67800

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
436 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
507 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
opensans-light-webfont.woff
s.glbimg.com/gl/ba/fonts/
20 KB
20 KB
Font
General
Full URL
https://s.glbimg.com/gl/ba/fonts/opensans-light-webfont.woff
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-location-rule
barra-legado
date
Sun, 19 Nov 2023 08:19:53 GMT
via
2.0 CachOS
x-content-type-options
nosniff
x-bip
223007024 ah14 32 02
age
0
x-cache-status
HIT
x-goog-meta-x-goog-reserved-source-generation
1669739323813245
content-length
20184
x-xss-protection
1; mode=block
x-request-id
45aedb91-83e2-40e2-b3ca-49ae532fe657
last-modified
Thu, 04 May 2023 18:56:24 GMT
x-thanos
0A83BC03
etag
"d6cc1c50b230a5c61bb684e07f3e0e98"
vary
Origin
x-served-from
estaticos-gcp-prod
content-type
font/woff
access-control-allow-origin
https://valor.globo.com
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 19 Nov 2023 08:24:53 GMT
settings.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/
3 KB
2 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
gzip
x-openstack-request-id
tx60106b3b626044019a952-006559c528
last-modified
Sat, 02 Sep 2023 17:44:45 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
x-object-meta-mtime
1693675470.000000
content-type
application/javascript
x-timestamp
1693676684.90264
cache-control
public, max-age=
x-trans-id
tx60106b3b626044019a952-006559c528
x-request-id
6b223a5d-1089-4e8f-b64b-1b9182e90928
glb%2Dpv%2Dmin.js
s.glbimg.com/bu/rt/js/
2 KB
1 KB
Script
General
Full URL
https://s.glbimg.com/bu/rt/js/glb%2Dpv%2Dmin.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
112416080 ah15 26 01
age
48711
x-cache-status
HIT
content-length
945
x-xss-protection
1; mode=block
x-request-id
561de360-c296-48fc-b58c-6c72f5f84de8
last-modified
Fri, 11 Nov 2022 21:36:41 GMT
x-thanos
0A83DC23
etag
W/"aaaef25ae81d7253ced007ce6451d65e"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 19 Nov 2023 18:48:01 GMT
tv4.min.js
s3.glbimg.com/cdn/libs/tv4/1.3.0/
28 KB
10 KB
Script
General
Full URL
https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/85725c46f1bcc1991d1953a008c08562.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
x-openstack-request-id
tx26d001acae4a487bbb18d-006478ecd8
last-modified
Fri, 25 May 2018 14:11:50 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1527257509.32548
cache-control
public, max-age=31536000
x-trans-id
tx26d001acae4a487bbb18d-006478ecd8
x-request-id
0448818d-79b4-4186-bcc9-5188fac7d246
ww.js
cdn.ampproject.org/rtv/012310301456000/
51 KB
14 KB
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/ww.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c98a4e15dd52882dca689462634bd640af1c43ed09a74bd70a4fed3d7eba54
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 18 Nov 2023 16:24:22 GMT
age
57331
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14468
x-xss-protection
0
server
sffe
etag
"160728548ffd9b51"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Nov 2024 16:24:22 GMT
truncated
/
695 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa3ebe966a050c4716fb681161db8c5e3c966e7eef21dbc7dae3a79fd33bd535

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
api.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/
44 KB
15 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/api.min.js?loading-agent=global-webdeps
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
2dd07486c05d84f1ee6dc210417643db96d73fade9347fa8c3a1fd48639e9f04

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
x-openstack-request-id
tx139017492cd440049319b-006558f043
last-modified
Mon, 06 Nov 2023 20:22:32 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
x-object-meta-mtime
1699301127.000000
content-type
application/javascript
x-timestamp
1699302151.67453
cache-control
public, max-age=86400
x-trans-id
tx139017492cd440049319b-006558f043
x-request-id
5122b176-51b5-4247-a256-3c93446db452
cadun.js
s.glbimg.com/pc/ca/
14 KB
5 KB
Script
General
Full URL
https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
66935916 ah15 26 01
age
48715
x-cache-status
HIT
content-length
4958
x-xss-protection
1; mode=block
x-request-id
e329bef0-b615-4872-933b-c09692c6e3bc
last-modified
Fri, 11 Nov 2022 21:56:44 GMT
x-thanos
0A83DC23
etag
W/"d90f88fa40b545a289d34957b165ffb3"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 19 Nov 2023 18:47:57 GMT
globo-ab.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/
24 KB
6 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
x-openstack-request-id
txdd6016d687d648f4a9ce2-006559c4ba
last-modified
Thu, 12 May 2022 20:00:29 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1652385628.79171
cache-control
public, max-age=180
x-trans-id
txdd6016d687d648f4a9ce2-006559c4ba
x-request-id
b5f1f1fd-44ba-4169-8ced-346d272e0e8a
globo-ab-v2.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/
34 KB
12 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/globo-ab-v2.min.js?loading-agent=global-webdeps
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
x-openstack-request-id
tx855813e0d1684a34a6b69-0065590df3
last-modified
Wed, 24 Oct 2018 17:17:43 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1540401462.48634
cache-control
public, max-age=86400
x-trans-id
tx855813e0d1684a34a6b69-0065590df3
x-request-id
6163918f-1c6e-4aa1-b5f8-e96d7a3638f7
globo-ab.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/
21 KB
6 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
content-encoding
gzip
x-openstack-request-id
tx670ed9770aaf45928ccab-006559c4ea
last-modified
Tue, 19 May 2020 15:37:59 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1589902678.74751
cache-control
public, max-age=180
x-trans-id
tx670ed9770aaf45928ccab-006559c4ea
x-request-id
4baa8846-e0d7-4f4e-84c4-844cf4154c72
esp.js
cdn.id5-sync.com/api/1.0/
155 KB
34 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 09:30:02 GMT
server
cloudflare
x-amz-request-id
RHN9A6N7JBTNWYP5
age
2008
etag
W/"5cdc7028bae687cbffcc9d7982dd9ad5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
828707e09a1c39c6-YYZ
x-amz-id-2
VGCf3vHRnQVmDF60HcSdy/jeZzhDRZ8Dm+nYt18op9+hBh9HGmgi7Oc9ET6PxaPaEH8UHxIXAY3i11FmSSQUQg==
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
3 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:2000:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Sat, 18 Nov 2023 12:52:24 GMT
Via
1.1 a4d8112508e8450a57296bb3736a5136.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD79-C1
Age
72525
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
banpdtY4AC4zOmuRui6LOK7TturDnwRgkUw5pI400SOT0Xc8p8uq5Q==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
898 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 19 Nov 2023 08:19:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
42785
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4561-YYZ
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:27:24 GMT
content-encoding
gzip
age
463948
x-guploader-uploadid
ABPtcPp3Mw5I092m2-IQIqQksBXmd2sDyExkVG7t5iIAVPd7ZPyAxS03p3sKk-aZizc7hqBjxncyfIEGruYopfh0QbDD11YYKgf6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 12 Nov 2024 23:27:24 GMT
publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Nov 2023 08:19:53 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 19:10:55 GMT
content-encoding
gzip
via
1.1 9a7c700290cf80b3334e7dcd07bfe44a.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
47338
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
lu2XoHVp7GyxB1kerA8uIEXxdvvt5c6ZUAmuHANSqPkHRDCRKB5n9g==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
41e1a02c36e9f82551da3a3ba60f9e4a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/
46 KB
17 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=303066154723924&correlator=587974851257995&eid=31079234%2C31079658%2C31079525%2C31078660&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=85042905%2Cvalor.web%2Clegislacao%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&didk=3223810205&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1700381992619&lmt=1700381992&adxs=892&adys=1877&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&vis=1&psz=300x280&msz=300x0&fws=4&ohw=1600&ga_vid=2088517343.1700381993&ga_sid=1700381993&ga_hid=1078870459&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYqM2otb4xSABSAghkEhkKCnB1YmNpZC5vcmcYp82otb4xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKjNqLW-MUgAUgIIZBIXCghydGJob3VzZRiozai1vjFIAFICCGQSGQoKdWlkYXBpLmNvbRinzai1vjFIAFICCGQSFAoFb3BlbngYqM2otb4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRinzai1vjFIAFICCGQ.&dlt=1700381989978&idt=1110&prev_scp=Editora.pos%3DTop%26rc%3Dbanner_materia1_0&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D4%26Editora.url%3Dreceita-exige-irrf-sobre-direitos-creditorios%26Info.Entidades%3DRafael%2520Serrano%252CLeonardo%2520Freitas%2520de%2520Moraes%2520e%2520Castro%252CIRRF%2520(Imposto%2520de%2520Renda%2520Retido%2520na%2520Fonte)%252CCosit%2520(Coordena%25C3%25A7%25C3%25A3o-Geral%2520de%2520Tributa%25C3%25A7%25C3%25A3o)%252CSecretaria%2520da%2520Receita%2520Federal%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1700381991993%26prmtvvid%3D%26prmtvwid%3D&adks=2500875619&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bc54bbcbdd29887d2267d3fcece5237ca9ab58cb12bdef899f65b79f69d7654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17641
x-xss-protection
0
google-lineitem-id
6410791562
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138452998254
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
038a2f0220674b4e8c9404adca5d27d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E2A3
6 KB
3 KB
Document
General
Full URL
https://038a2f0220674b4e8c9404adca5d27d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 08:19:53 GMT
expires
Mon, 18 Nov 2024 08:19:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gtm.js
www.googletagmanager.com/
344 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M7TMHTJ
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/valor/prod/lib-pub-relay-valor-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
233bd4af48fbf388163d5346e51713244c3feb1adb12012a298390eaaf793993
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97811
x-xss-protection
0
last-modified
Sun, 19 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 19 Nov 2023 08:19:53 GMT
ns.html
www.googletagmanager.com/ Frame 2BE3
712 B
561 B
Document
General
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-M7TMHTJ
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/valor/prod/lib-pub-relay-valor-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
307b2a1b987b8000b3865aa975e3d52ab2b2b6c3ef1e12be2a865caa3b58535d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
241
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 08:19:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
Fetch
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231119
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_valor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76176641f04073c7bbe3b12005248c0493cb24d64ea73e18fc82d414219bcf00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 19 Nov 2023 08:19:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
15541
x-jsd-version
1.0.1878
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
858
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4561-YYZ
x-jsd-version-type
version
etag
W/"641-JJxEr78oJ+3kRARUi3lKtRzAvQI"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/
800 B
1 KB
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280406&zone_id=1398984&size_id=2&alt_size_ids=55&eid_pubcid.org=15f36753-2059-41f0-9041-bf83da56a6a0%5E1&rf=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&kw=rafaelserrano%2Cleonardofreitasdemoraesecastro%2Cirrf(impostoderendaretidonafonte)%2Ccosit(coordena%C3%A7%C3%A3o-geraldetributa%C3%A7%C3%A3o)%2Csecretariadareceitafederal&tg_i.domain=valor.globo.com&tg_i.page=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&tg_i.adunit=85042905_valor.web%2Flegislacao%2Fmateria&tg_i.aupname=.*85042905.*%26mc-container-top.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fvalor.web%2Flegislacao%2Fmateria%23mc-container-top&tk_flint=dmpbjs_v8.17.0&x_source.tid=778f37f7-989f-44ad-b68b-a6f74fbe98a8&l_pb_bid_id=2895e158f639b7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2f58e0a9-41de-4ad7-89d9-875879cfebbc&rp_maxbids=1&p_gpid=%2F85042905%2Fvalor.web%2Flegislacao%2Fmateria%23mc-container-top&slots=1&rand=0.5069239592389752
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_valor.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2355bf4657b090840c6670baee3999a0c5e66d96c9a906743331e213c41be6e4

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/
0
194 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.17.0&cb=57338517624&lsavail=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_valor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:19:52 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
prg.smartadserver.com/prebid/
0
337 B
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_valor.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.14.97 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.97.rdns.racklot.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:52 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://valor.globo.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bold.ttf
s3.glbimg.com/cdn/fonts/coranto/
73 KB
74 KB
Font
General
Full URL
https://s3.glbimg.com/cdn/fonts/coranto/bold.ttf
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
d017589fa69958fa0c56326427020cffafb942f39a0d95abd1f81bfb8ee24bc9

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:52 GMT
x-openstack-request-id
txe380336542b74d22aca25-006478b8e5
last-modified
Tue, 25 Jun 2019 17:33:34 GMT
x-thanos
0A8250E3
etag
c0da6a8e07413416d264e1ddce793113
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484013.33706
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
74880
x-trans-id
txe380336542b74d22aca25-006478b8e5
x-request-id
c1c9ada9-0f22-42e9-9a63-ce90be3cf4de
schemas
horizon-schemas.globo.com/
148 KB
14 KB
XHR
General
Full URL
https://horizon-schemas.globo.com/schemas
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/85725c46f1bcc1991d1953a008c08562.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.117 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-117.prt.globo.com
Software
/
Resource Hash
f27df02646b039f3416255bfd9722fc82e64ce1ea9bf34443da85cf4a681d194

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
gzip
via
2.0 CachOS
x-bip
99663028 cmah24lx35ca03.globoi.com
age
5113
content-length
13969
x-request-id
8814acb8-54a2-4b1f-8121-b3311ab08c30
x-thanos
0A823C30
vary
Accept-Encoding, X-Forwarded-Proto, Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://valor.globo.com
cache-control
max-age=7200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,GST
ap23321378230709.jpg
s2-valor.glbimg.com/sgHIsaaVI6grVI6KiveS6loIAH4=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/F/U/zrJA6yQCWHSn0A8IKUYg/
27 KB
27 KB
Image
General
Full URL
https://s2-valor.glbimg.com/sgHIsaaVI6grVI6KiveS6loIAH4=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/F/U/zrJA6yQCWHSn0A8IKUYg/ap23321378230709.jpg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
bf041f84fdabf5b01ec7a65485603bb73b8e4c6bbe082fdcb02ad5484a963b3a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
via
2.0 CachOS
x-bip
980092522 ah19 37 01
age
152057
x-cache-server
thumbor/nginx-cache
content-length
27564
x-cached
HIT
x-request-id
e5049219-3528-4dd0-ac0e-df8fe9488e42
x-forwarded-host
s2-valor.glbimg.com
x-thanos
0A819C70
etag
"be734cc4d2036a1e185fb8ed0f31fcac975be20a"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 17 Dec 2023 14:00:38 GMT
372860060.jpg
s2-valor.glbimg.com/VPsdmuaczjeP7UqHfgQtPobVoY4=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2022/g/e/MLsExJQD290YoSLIlRFQ/
28 KB
28 KB
Image
General
Full URL
https://s2-valor.glbimg.com/VPsdmuaczjeP7UqHfgQtPobVoY4=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2022/g/e/MLsExJQD290YoSLIlRFQ/372860060.jpg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
3ca4ffcd9ca7d40a1f7238689870a16b3d2bd9c849a8bcd3215b08b44b4b2e44

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
via
2.0 CachOS
x-bip
958691178 ah19 37 01
age
35720
x-cache-server
thumbor/nginx-cache
content-length
28574
x-cached
HIT
x-request-id
c19c3dbc-d513-48f2-b78f-d261cc1af65a
x-forwarded-host
s2-valor.glbimg.com
x-thanos
0A819C70
etag
"137902ac6a4d27014d3f0c24d41c062fd0ed1c9a"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Mon, 18 Dec 2023 22:21:35 GMT
eduardo-leite.jpg
s2-valor.glbimg.com/ni0r3grZUUaHNXaDD3onLFiNgrQ=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/a/D/pfoWKRSAAeDMSDT4ZbPg/
15 KB
15 KB
Image
General
Full URL
https://s2-valor.glbimg.com/ni0r3grZUUaHNXaDD3onLFiNgrQ=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/a/D/pfoWKRSAAeDMSDT4ZbPg/eduardo-leite.jpg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
766fb669cff8eeacb41ffa793bd2ec889dfef271615b6b147e9735430b091d9f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
via
2.0 CachOS
x-bip
978985597 ah19 37 01
age
36535
x-cache-server
thumbor/nginx-cache
content-length
15154
x-cached
HIT
x-request-id
730d1267-4f83-460f-8f05-8a2639e8a5b3
x-forwarded-host
s2-valor.glbimg.com
x-thanos
0A819C70
etag
"c92067bcc295e1dd68f1e349746f195c728c61df"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Mon, 18 Dec 2023 22:10:04 GMT
chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:valor:desktop:multicontent:ep/
0
0

chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:valor:desktop:multicontent:dinamico/
0
0

map
bcp.crwdcntrl.net/6/
156 B
535 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.145.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-145-128.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2efe0550c417d477cfc4f9be2492461f4e60486c7dad8e9e074f88d83c964284

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache
x-server
10.40.50.230
access-control-allow-credentials
true
content-length
156
expires
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%2...
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%2...
85 B
204 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&rid=esp&cc=1
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
d8d9c349e2a698ffd9173634f3510a5f0809c6f27ef2d7d606240b65b3e21ee3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-HRjaR3I4hXRa2IDefrOFQP0O8HY"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sun, 19 Nov 2023 08:19:53 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://valor.globo.com
location
/esp?url=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
__inventory.gif
query.petametrics.com/v1/
35 B
173 B
Image
General
Full URL
https://query.petametrics.com/v1/__inventory.gif?ts=1700381993064&jsk=2v84n8g15c1895dv&jsv=20231116&cu=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&item=%7B%22title%22%3A%5B%22Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%22%5D%2C%22description%22%3A%5B%22Ao%20enviar%20pagamento%20para%20o%20exterior%2C%20empresa%20brasileira%20teria%20que%20deixar%2015%25%20do%20valor%20com%20a%20Uni%C3%A3o%22%5D%2C%22image%22%3A%5B%22https%3A%2F%2Fs2-valor.glbimg.com%2FHfgV3hic6k3R0M19E_AHIwoBjh4%3D%2F1200x%2Fsmart%2Ffilters%3Acover()%3Astrip_icc()%2Fi.s3.glbimg.com%2Fv1%2FAUTH_63b422c2caee4269b8b34177e8876b93%2Finternal_photos%2Fbs%2F2023%2FR%2FQ%2FhJLkszQyaTJTmSOyPGkA%2Ffoto14leg-201-julga-e1.jpg%22%5D%2C%22image%3Awidth%22%3A%5B%221200%22%5D%2C%22type%22%3A%5B%22article%22%5D%2C%22locale%22%3A%5B%22pt_BR%22%5D%2C%22site_name%22%3A%5B%22Valor%20Econ%C3%B4mico%22%5D%2C%22url%22%3A%5B%22https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%22%5D%2C%22id%22%3A%5B%22https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%22%5D%2C%22authors%22%3A%5B%22Joice%20Bacelo%22%5D%2C%22published_time%22%3A%5B%222023-09-13T17%3A50%3A32-03%3A00%22%5D%2C%22modified_time%22%3A%5B%222023-09-14T06%3A33%3A12-03%3A00%22%5D%2C%22image145%22%3A%5B%22https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_1b264e8ce06649ae85acee5d38e32f34%2Fimages%2Fnovo_logo_valor_economico.png%22%5D%2C%22image105%22%3A%5B%22https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_1b264e8ce06649ae85acee5d38e32f34%2Fimages%2Fnovo_logo_valor_economico.png%22%5D%2C%22section%22%3A%5B%22Legisla%C3%A7%C3%A3o%22%5D%2C%22categoria_materia%22%3A%5B%22%22%5D%2C%22category%22%3A%5B%22valor-legislacao%22%5D%2C%22protected%22%3A%5B%222%22%5D%2C%22teaser%22%3A%5B%220%22%5D%2C%22sponsored%22%3A%5B%220%22%5D%2C%22tag%22%3A%5B%5D%2C%22content_type%22%3A%5B%22noticia%22%5D%2C%22opinion%22%3A%5B%22false%22%5D%2C%22content_tier%22%3A%5B%22%22%5D%2C%22location%22%3A%5B%22country%3Abrazil%22%5D%2C%22publisher%22%3A%5B%22%22%5D%7D&ttl=0
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/2v84n8g15c1895dv/1fc79c4b-f1c5-4b92-ff1e-9ae2161eba9a/
35 B
97 B
Image
General
Full URL
https://query.petametrics.com/v3/2v84n8g15c1895dv/1fc79c4b-f1c5-4b92-ff1e-9ae2161eba9a/__activity.gif?e=pageview&ct=Receita+exige+IRRF+sobre+direitos+credit%C3%B3rios&ccu=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&tspl=4537&blst=3923&ist=4529&iet=4535&bdst=3923&bdet=4521&bcttt=12&ts=1700381993068&jsk=2v84n8g15c1895dv&jsv=20231116&cu=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&uid=1fc79c4b-f1c5-4b92-ff1e-9ae2161eba9a&sid=629e4355-c08a-4859-b912-e9ff89f8eb04&pvid=12a5c39c-fe1d-47ad-d7e9-df74ef8b8aeb&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.159+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&sdk=bc-pixel
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 19 Nov 2023 08:19:53 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
horizon-client-js.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/
11 KB
4 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/bu/rt/js/glb%2Dpv%2Dmin.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
gzip
x-openstack-request-id
txd2e358bc3884441f82ede-006559c2d3
last-modified
Fri, 13 Nov 2020 17:21:38 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1605288097.88717
cache-control
public, max-age=600
x-trans-id
txd2e358bc3884441f82ede-006559c2d3
x-request-id
dcc61523-152f-4b75-80fd-98a7d3f3e4e0
logged
cocoon.globo.com/v2/user/ Frame
0
0
Preflight
General
Full URL
https://cocoon.globo.com/v2/user/logged?servico_id=4728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://valor.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://valor.globo.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 19 Nov 2023 08:19:54 GMT
server
nginx
via
1.1 google
logged
cocoon.globo.com/v2/user/ Frame
0
0
Preflight
General
Full URL
https://cocoon.globo.com/v2/user/logged
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://valor.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://valor.globo.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 19 Nov 2023 08:19:54 GMT
server
nginx
via
1.1 google
login.css
s.glbimg.com/pc/ca/
846 B
914 B
Stylesheet
General
Full URL
https://s.glbimg.com/pc/ca/login.css
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
110569729 ah15 26 01
age
48715
x-cache-status
HIT
content-length
419
x-xss-protection
1; mode=block
x-request-id
103b3599-501e-4975-95bb-bb35a6002c08
last-modified
Fri, 11 Nov 2022 21:56:44 GMT
x-thanos
0A83DC23
etag
W/"263666896930a877f4ad09cc6d6e75ea"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/css; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 19 Nov 2023 18:47:57 GMT
logged
cocoon.globo.com/v2/user/
188 B
209 B
XHR
General
Full URL
https://cocoon.globo.com/v2/user/logged?servico_id=4728
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
854228f9c07bc1adf5cc92cb46023f12a84189325c907ed188dd7bca86cbf2b0

Request headers

Referer
https://valor.globo.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
via
1.1 google
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
https://valor.globo.com
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
content-length
188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
logged
cocoon.globo.com/v2/user/
188 B
209 B
XHR
General
Full URL
https://cocoon.globo.com/v2/user/logged
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
854228f9c07bc1adf5cc92cb46023f12a84189325c907ed188dd7bca86cbf2b0

Request headers

Referer
https://valor.globo.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
via
1.1 google
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
https://valor.globo.com
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
content-length
188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
glb-pv-min.js
s.glbimg.com/bu/rt/js/
2 KB
1 KB
Script
General
Full URL
https://s.glbimg.com/bu/rt/js/glb-pv-min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
112127231 ah15 26 01
age
48715
x-cache-status
HIT
content-length
945
x-xss-protection
1; mode=block
x-request-id
480e923f-ad13-4da6-92ea-18b341347681
last-modified
Fri, 11 Nov 2022 21:36:41 GMT
x-thanos
0A83DC23
etag
W/"aaaef25ae81d7253ced007ce6451d65e"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 19 Nov 2023 18:47:57 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035227/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
364 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:13:30 GMT
via
1.1 181a665d1a0b3047b4fa647eeabfb330.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P3
age
384
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
wDYEXMEwe_c224hPsy3qG4QCezL6hVoaEADj7VfhxRRS9z-84BCcsw==

Redirect headers

date
Sun, 19 Nov 2023 08:19:53 GMT
via
1.1 181a665d1a0b3047b4fa647eeabfb330.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD55-P3
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
wYjQAXdwrRDwlauvdF6h8a3EEgSINorVkGsucO7vLv5ydcpaBsEH5A==
logo_globoplay.svg
s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/
5 KB
2 KB
Image
General
Full URL
https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/logo_globoplay.svg
Requested by
Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://barra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
gzip
x-openstack-request-id
tx66a793f1d9c44418a1a18-006559c527
last-modified
Mon, 17 Oct 2022 13:20:36 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1666012835.41302
cache-control
public, max-age=180
x-trans-id
tx66a793f1d9c44418a1a18-006559c527
x-request-id
d3f629c7-598e-4241-9515-52161886d390
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1700381993081&ns_c=UTF-8&c8=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%20%7C%20Legisla%C3%A7%C3%A3o%20%7C%20Valor%20Econ%C...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1700381993081&ns_c=UTF-8&c8=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%20%7C%20Legisla%C3%A7%C3%A3o%20%7C%20Valor%20Econ%...
43 B
301 B
Image
General
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1700381993081&ns_c=UTF-8&c8=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%20%7C%20Legisla%C3%A7%C3%A3o%20%7C%20Valor%20Econ%C3%B4mico&c7=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&c9=
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
via
1.1 181a665d1a0b3047b4fa647eeabfb330.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD55-P3
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
wWwLqcx2CY2u2VnR-PMnU1PXXoEtGTndhYjHgQxMNVA7QQWkEYdvSg==

Redirect headers

date
Sun, 19 Nov 2023 08:19:53 GMT
via
1.1 181a665d1a0b3047b4fa647eeabfb330.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD55-P3
x-cache
Miss from cloudfront
location
/p2?c1=2&c2=6035227&ns__t=1700381993081&ns_c=UTF-8&c8=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%20%7C%20Legisla%C3%A7%C3%A3o%20%7C%20Valor%20Econ%C3%B4mico&c7=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&c9=
content-length
0
x-amz-cf-id
K98hKB_djA9lYdZphQB-9lAoZWavlZRi8noMx6ZaSP34N2Yo5WEfPg==
8f8b9dc5-937f-4983-be5f-8303cd86a80d
https://valor.globo.com/
51 KB
0
Other
General
Full URL
blob:https://valor.globo.com/8f8b9dc5-937f-4983-be5f-8303cd86a80d
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7a4a28bcf0655818ebaac8a278b79ac019b956c6d42ccbf1b7cd47987a56b7b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
52052
Content-Type
text/javascript
increment
id5-sync.com/api/esp/
0
231 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:19:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
view
securepubads.g.doubleclick.net/pcs/ Frame F235
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvO08dE01xqOLNOcMP2P3LDwS0tyT7UWWJ2SmgID7JoTP2M5HNHyfUEFU5TCSG4q0Wr1CmJPyuRAYWd89pHXcp1qfxrDzeW73MUSLHLHfgBhRZozJyMzwxvHJ3xDF2UYXBInwV7lVOmSyJQF5P8oM64w3XUmplplk0PsGPKy55l3CC0MB1sQGs6aMYvM8Oo8ZY5t9WRqBykBYhoU-vIu9ImtqPffa05RSGuCxWXG3FlprnRF9jxCLL-Q7xatvk_ODjBUv4KPeT5lsfKS4IxMqewLW8Tw3xKACpY4P0UZH5Xofl44BuaEn4RykLhXNbfJJewOHr8otLlf9g8lTYggIDVIujEfznCvB8yQ9kY3TgUoVVngqwWv14TAvVb3h4&sai=AMfl-YQQR0Go7AX2fVtqAcYkSk9Nabz03J_VVQHKflUz_xdQukI_a3pQ8B6gg_Y4R4W4ZQ-WZqOxAUE6oQCupYuIGnlZ4DOwHGiz2UY8j4wx1duSCXMsf1jfEYUpbvhRNnCr7RqOwVwpP3OHyijpGN0OSey-&sig=Cg0ArKJSzOmlaU5laziHEAE&uach_m=[UACH]&adurl=
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 19 Nov 2023 08:19:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F235
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:28:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
31903
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 23:28:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F235
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Nov 2023 08:19:53 GMT
12068147414444655597
tpc.googlesyndication.com/simgad/ Frame F235
45 KB
46 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12068147414444655597
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c48be05c166fb4074712158f9c90bd8a54fc5bb2ff60fd3277a7b5196ccc7683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46374
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 20:18:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 18 Nov 2024 08:19:53 GMT
truncated
/ Frame F235
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d43e229334bb4a8ceff420ff774ed8c411c029ac32c2d12dfd64f1364245877

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
syncframe
gum.criteo.com/ Frame 0533
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=valor.globo.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 08:19:53 GMT
server
Kestrel
server-processing-duration-in-ticks
324931
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ns.html
www.googletagmanager.com/ Frame E286
268 B
159 B
Document
General
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-M7TMHTJ&restrictions=&gtm.url=https%3A%2F%2Fvalor.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-M7TMHTJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-M7TMHTJ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 08:19:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
ns.html
www.googletagmanager.com/ Frame E1B4
268 B
162 B
Document
General
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-M7TMHTJ&restrictions=&gtm.url=https%3A%2F%2Fvalor.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-M7TMHTJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-M7TMHTJ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 08:19:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
horizon-pageview
horizon.globo.com/auth-session/activity/valor%20econ%C3%B4mico/
0
321 B
Image
General
Full URL
https://horizon.globo.com/auth-session/activity/valor%20econ%C3%B4mico/horizon-pageview?object=http%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&Referrer=&tags=materia%252Cmulti-content%252Clegislacao&client_version=0.3.11
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=60

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
strict-transport-security
max-age=60
content-length
0
x-served-from
hzt-tsuru
content-type
text/plain; charset=UTF-8
gtm.js
www.googletagmanager.com/
119 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7TMHTJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc471ee0f572578df74acf3d6a20d16875d27aa5f5131e271fb4e4de72201a8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46220
x-xss-protection
0
last-modified
Sun, 19 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 19 Nov 2023 08:19:53 GMT
gtm.js
www.googletagmanager.com/
160 KB
58 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3GJS46&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7TMHTJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f67929606820f003a6fa9a1dfdad35cbc9942639084c211444a4dea01568c48e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59650
x-xss-protection
0
last-modified
Sun, 19 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 19 Nov 2023 08:19:53 GMT
hotjar-1512996.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1512996.js?sv=6
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-49.iad55.r.cloudfront.net
Software
/
Resource Hash
40fb822786eeb5727b7b76e4b8fae42a204c2420fc1a1138fe26c3663713dc64
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sun, 19 Nov 2023 08:19:53 GMT
via
1.1 5b2c25375d693d0fb882145cde66154e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P1
age
22
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/28dcf29404c7125a11208450738e44ca
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
BQDBIWw91woOFHqyoWWq_rgxIJjvB6IYaBEuR7yL1ts6z54Yxo0lIA==
marfeel-sdk.js
sdk.mrf.io/statics/
141 KB
40 KB
Script
General
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49353af271b330cd455e55df7b96e606f79f95dfae285c63c9836d4afacc4fdb

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time
2ms
date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Sun, 19 Nov 2023 07:51:28 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
8
accept-ranges
bytes
cf-ray
828707e5ba00a22c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
40770
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 19 Nov 2023 08:19:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
CApFbg4JprlaXmh2b4m9ncGiyfTyaojofKm66s+sboUqc6Umh2jQ4a1VlyzoY+PlTSi1CjP5GX7YOTxUrV40Og==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
universal.min.js
tag.navdmp.com/
14 KB
5 KB
Script
General
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
702
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
828707e5eb57549d-YYZ
expires
Sun, 19 Nov 2023 09:08:11 GMT
js
pixel.mathtag.com/event/
5 KB
6 KB
Script
General
Full URL
https://pixel.mathtag.com/event/js?mt_id=1418239&mt_adid=225031&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.87.84.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-84-208.deploy.static.akamaitechnologies.com
Software
MT3 1075 283b7e3 master iad iad-pixel-x11 config_version:"455" /
Resource Hash
03730114e14df006d93af95fa5e3a03320c6440049cf51fedac14297370c35c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:19:53 GMT
Server
MT3 1075 283b7e3 master iad iad-pixel-x11 config_version:"455"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
5540
Expires
Sun, 19 Nov 2023 08:19:52 GMT
loader.js
cdn.taboola.com/libtrc/editoraglobonetwork/
726 KB
123 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7db4cc68c102ecfbcbc49b62e6dba51cd9bf57bf080fb022ee560e79193f817f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
ALi.I386.HDBpl6VfgnUDpA5Gel.RsxU
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:53 GMT
x-amz-request-id
737N1ZGGEMJY82JW
age
11825
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
125895
x-amz-id-2
0uBpmk4YYTmXEyHwr+s9cXm7ka1B6HQvOBPlu4JZoCkSprx4KanHv1x9srR0qtOtjvTu1iFB79c=
x-served-by
cache-yyz4571-YYZ
last-modified
Sun, 19 Nov 2023 05:01:37 GMT
server
AmazonS3
x-timer
S1700381994.798075,VS0,VE2
etag
"5bd01fb10ece42df537a228b69543f81"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
54
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
tiny.js
static.infoglobo.com.br/paywall/js/
268 KB
71 KB
Script
General
Full URL
https://static.infoglobo.com.br/paywall/js/tiny.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7TMHTJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.224.151.34.bc.googleusercontent.com
Software
/
Resource Hash
2edf6c53019a943b4375763a013c04b8503bbc9e45fa206ec7e5a18760a42c66

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-location-rule
static - tiny.js
date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
gzip
x-openstack-request-id
tx3a307188713d4eedbaf41-00654d900d
x-cache-status
HIT
supportspointer
true
x-trans-id
tx3a307188713d4eedbaf41-00654d900d
x-request-id
02ce76389ee8d32bbbcb18934c3ea5e8
last-modified
Tue, 31 Oct 2023 13:53:47 GMT
vary
Accept-Encoding, Origin
x-served-from
infoglobo-router-gcp
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-timestamp
1698760426.69817
cache-control
max-age=600
charset
utf-8
expires
Fri, 10 Nov 2023 02:16:05 GMT
ivc.js
gadasource.storage.googleapis.com/
71 KB
24 KB
Script
General
Full URL
https://gadasource.storage.googleapis.com/ivc.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 07:49:58 GMT
content-encoding
gzip
age
1796
x-guploader-uploadid
ABPtcPr28-wtDIO8iAm-71f91LTIiBFO86JXl3Q6fgT9LtMh6le5xtBlQa4MbLUZzCh8dMqoGy8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24321
last-modified
Mon, 02 Sep 2019 19:50:51 GMT
server
UploadServer
etag
"cdaa61cbc24c48191196b45b31a7e18b"
vary
Accept-Encoding
x-goog-generation
1567453851562424
x-goog-hash
crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
content-type
text/plain
cache-control
public, max-age=3600
x-goog-stored-content-length
24321
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:49:58 GMT
lib-pub-ext-tags-valor-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/valor/prod/
2 KB
1 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/valor/prod/lib-pub-ext-tags-valor-latest.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7TMHTJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e3f422ae8bc9e4874e20a1d051cc2cde9a2e2f0e84d8a4ef84a82d90b3b5cc79

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
gzip
x-openstack-request-id
tx5a222897b13e4c48aeb91-006559c496
last-modified
Tue, 07 Mar 2023 22:45:20 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
x-object-meta-mtime
1678228244.000000
content-type
application/javascript
x-timestamp
1678229119.90267
cache-control
public, max-age=180
x-trans-id
tx5a222897b13e4c48aeb91-006559c496
x-request-id
23ab619a-5a30-4440-858e-2e8b7f220585
chartbeat.js
static.chartbeat.com/js/
37 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f3:a00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:48:39 GMT
content-encoding
gzip
via
1.1 341de8df4217bc427eae27ed066ab4ce.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 01:59:58 GMT
server
nginx
x-amz-cf-pop
IAD55-P2
age
41475
etag
W/"6555779e-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Ih7UOgA3VArqZpL1mIMdynS40pbj3qCXgLY_5ISfFiIlTZXtwvKa8A==
expires
Sun, 19 Nov 2023 20:48:39 GMT
chartbeat_mab.js
static.chartbeat.com/js/
23 KB
10 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f3:a00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 22:00:36 GMT
content-encoding
gzip
via
1.1 341de8df4217bc427eae27ed066ab4ce.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 02:00:31 GMT
server
nginx
x-amz-cf-pop
IAD55-P2
age
37158
etag
W/"655577bf-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
0GYczt_64g5LRBbayXsXI7w2Ebk5ejiYSrIZoSTzFFscWMOaL8Q64w==
expires
Sun, 19 Nov 2023 22:00:36 GMT
ads
securepubads.g.doubleclick.net/gampad/
318 B
163 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=303066154723924&correlator=41357262919812&eid=31079234%2C31079658%2C31079525%2C31078660%2C44714449&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=85042905%2Cvalor.web%2Clegislacao%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&didk=3851748554&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De55e15f9243c791c%3AT%3D1700381992%3ART%3D1700381992%3AS%3DALNI_MbYJlbxEMcKFJFSCyj-SLVVdWN5Sg&gpic=UID%3D00000da2b045df4c%3AT%3D1700381992%3ART%3D1700381992%3AS%3DALNI_MYuDDtZfADMtCvqaYgFJAb8Evbobw&arp=1&abxe=1&dt=1700381993506&lmt=1700381993&adxs=0&adys=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&vis=1&psz=1600x98&msz=1600x0&fws=4&ohw=1600&psts=AOrYGsmAg2R5ECg1x1WaAwa_48oFnfs6yEVlurx77cSj-YZb5MT6FleB547g3F5RLIlVwECBR_oLTL880RVu90SO2KbgWrrbAXAd&ga_vid=2088517343.1700381993&ga_sid=1700381993&ga_hid=1078870459&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYqM2otb4xSABSAghkEjsKCnB1YmNpZC5vcmcSJDE1ZjM2NzUzLTIwNTktNDFmMC05MDQxLWJmODNkYTU2YTZhMBjq0ai1vjFIABIdCg5lc3AuY3JpdGVvLmNvbRiozai1vjFIAFICCGQSFwoIcnRiaG91c2UYqM2otb4xSABSAghkEhkKCnVpZGFwaS5jb20Yp82otb4xSABSAghkEhQKBW9wZW54GKjNqLW-MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yp82otb4xSABSAghk&dlt=1700381989978&idt=1110&prev_scp=Editora.pos%3Din-image&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D4%26Editora.url%3Dreceita-exige-irrf-sobre-direitos-creditorios%26Info.Entidades%3DRafael%2520Serrano%252CLeonardo%2520Freitas%2520de%2520Moraes%2520e%2520Castro%252CIRRF%2520(Imposto%2520de%2520Renda%2520Retido%2520na%2520Fonte)%252CCosit%2520(Coordena%25C3%25A7%25C3%25A3o-Geral%2520de%2520Tributa%25C3%25A7%25C3%25A3o)%252CSecretaria%2520da%2520Receita%2520Federal%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1700381991993%26prmtvvid%3D%26prmtvwid%3D&adks=4012120319&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8bbdea0231ca9ac54813d067a86ea8a7f0c5b9a38e53fb3efb9841bd159bcbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
46 KB
17 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=303066154723924&correlator=3361230995381936&eid=31079234%2C31079658%2C31079525%2C31078660%2C44714449&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=85042905%2Cvalor.web%2Clegislacao%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=3&didk=3740535728&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De55e15f9243c791c%3AT%3D1700381992%3ART%3D1700381992%3AS%3DALNI_MbYJlbxEMcKFJFSCyj-SLVVdWN5Sg&gpic=UID%3D00000da2b045df4c%3AT%3D1700381992%3ART%3D1700381992%3AS%3DALNI_MYuDDtZfADMtCvqaYgFJAb8Evbobw&arp=1&abxe=1&dt=1700381993525&lmt=1700381993&adxs=315&adys=235&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&vis=1&psz=1600x170&msz=1600x0&fws=4&ohw=1600&psts=AOrYGsmAg2R5ECg1x1WaAwa_48oFnfs6yEVlurx77cSj-YZb5MT6FleB547g3F5RLIlVwECBR_oLTL880RVu90SO2KbgWrrbAXAd&ga_vid=2088517343.1700381993&ga_sid=1700381993&ga_hid=1078870459&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYqM2otb4xSABSAghkEjsKCnB1YmNpZC5vcmcSJDE1ZjM2NzUzLTIwNTktNDFmMC05MDQxLWJmODNkYTU2YTZhMBjq0ai1vjFIABIdCg5lc3AuY3JpdGVvLmNvbRiozai1vjFIAFICCGQSFwoIcnRiaG91c2UYqM2otb4xSABSAghkEhkKCnVpZGFwaS5jb20Yp82otb4xSABSAghkEhQKBW9wZW54GKjNqLW-MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yp82otb4xSABSAghk&cbidsp=CpMBCAESFwoHcnViaWNvbhDuBSACUgdydWJpY29uEhUKBmNyaXRlbxCFBSACUgZjcml0ZW8SIwoNc21hcnRhZHNlcnZlchCnBiACUg1zbWFydGFkc2VydmVyGAIiJDJmNThlMGE5LTQxZGUtNGFkNy04OWQ5LTg3NTg3OWNmZWJiYyoECAMgADIHdjguMTcuMECsG0oA&dlt=1700381989978&idt=1110&prev_scp=Editora.pos%3DTop%26rc%3Dmc-container-top_0&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D4%26Editora.url%3Dreceita-exige-irrf-sobre-direitos-creditorios%26Info.Entidades%3DRafael%2520Serrano%252CLeonardo%2520Freitas%2520de%2520Moraes%2520e%2520Castro%252CIRRF%2520(Imposto%2520de%2520Renda%2520Retido%2520na%2520Fonte)%252CCosit%2520(Coordena%25C3%25A7%25C3%25A3o-Geral%2520de%2520Tributa%25C3%25A7%25C3%25A3o)%252CSecretaria%2520da%2520Receita%2520Federal%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1700381991993%26prmtvvid%3D%26prmtvwid%3D&adks=1956674529&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4029748d94d28184c8695eee95ac5c05567dc89fd5e64f961f2a581595b85f6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17495
x-xss-protection
0
google-lineitem-id
6401051655
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138451323290
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
encrypt
esp.rtbhouse.com/
521 B
795 B
Fetch
General
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e66551eebdaa1838d6a95826d6daccef70d7abd6efbba56a7849b30a6beb00ec

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
5e1cf45289462b239ed203a6a4cd88ae
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pd
google-bidout-d.openx.net/w/1.0/ Frame A705
594 B
811 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
95c1905d6f9676d998f6b9383c6dd1563451e47fee4ca94ba5a2016c7384e533

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
384
content-type
text/html
date
Sun, 19 Nov 2023 08:19:53 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
lib-analytics-latest.js
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/
14 KB
5 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
877c319b8a36e65249be764ce80ef3891edd45848ba3627b95c7499feb0be48d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
content-encoding
gzip
x-openstack-request-id
tx9ed7debc29064b459ac9d-006559c4ae
last-modified
Tue, 23 May 2023 21:09:44 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
x-object-meta-mtime
1684872817.000000
content-type
application/javascript
x-timestamp
1684876183.22388
cache-control
public, max-age=180
x-trans-id
tx9ed7debc29064b459ac9d-006559c4ae
x-request-id
3fa98a6a-3ab8-4810-84ef-b9c0a62cc066
sid
mug.criteo.com/ Frame 0533
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=valor.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=73y3t3xTQlIvTHFSZnQrNTBld00zUFdtVUN2SFBHN0J1MlBpcmRtZUhnSHlrZEZ3K0VyaVVJcWovSWRDQU9keU5xV3FtS2VoQ1FXclc0L3hXR213aGNTaHZncXA1czZQcmNqczRldjVkVG9HUVBCZXF3V2tycCtOdHdjWD...
441 B
673 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=73y3t3xTQlIvTHFSZnQrNTBld00zUFdtVUN2SFBHN0J1MlBpcmRtZUhnSHlrZEZ3K0VyaVVJcWovSWRDQU9keU5xV3FtS2VoQ1FXclc0L3hXR213aGNTaHZncXA1czZQcmNqczRldjVkVG9HUVBCZXF3V2tycCtOdHdjWDhUK2VLU216cWxNa0MyWEZ2aVJwckV0R05HS24yTUdoYVdiM2N2aDJ6c3lxb1QyTFQ3UmdPWHZBZTRZbXhzOTVLSzdMSlRsaXUrK1hvaDhQNmtSa3o2bEJ6OU13c2Y3SnAzck5HSk5HRUVUVHBTbDhHLzZMSHNaMld0VmpEdjZ1MW1PYlFtemk0QVU4ZjZDTDc2ZVBobCtiZWxuZDZ0dz09fA&cppv=2
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c62c1262a3980cc998af26426f784de47bba0a94eb43c20e6cd328cc2fad7f9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1254604
expires
0

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=73y3t3xTQlIvTHFSZnQrNTBld00zUFdtVUN2SFBHN0J1MlBpcmRtZUhnSHlrZEZ3K0VyaVVJcWovSWRDQU9keU5xV3FtS2VoQ1FXclc0L3hXR213aGNTaHZncXA1czZQcmNqczRldjVkVG9HUVBCZXF3V2tycCtOdHdjWDhUK2VLU216cWxNa0MyWEZ2aVJwckV0R05HS24yTUdoYVdiM2N2aDJ6c3lxb1QyTFQ3UmdPWHZBZTRZbXhzOTVLSzdMSlRsaXUrK1hvaDhQNmtSa3o2bEJ6OU13c2Y3SnAzck5HSk5HRUVUVHBTbDhHLzZMSHNaMld0VmpEdjZ1MW1PYlFtemk0QVU4ZjZDTDc2ZVBobCtiZWxuZDZ0dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
331163
content-length
0
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame F235
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT0lzVitpzB0DXOBGCXE5evyqm3K5T0EDkYNg7InJmJGW64d8N3PK-7o82KBBr6-QrNZhqADYB45Pg2y-dqtN-elp2TRS2oBQzZxCqTSe-9g8qzjYM8nlD_fqE6rM8bTsjjbh_w09M3dXISXip6JtYinPUZvxnkQTBcYl3nPgAP18icORWQbBcKXoimBm5fUZ2IRe8Rvn5G-NihpbRQ4ZslRiEprGZY5w_s9eP_QC8Ny3T0hRUAxfBc1KdUea4JNIOlraNJGY64JhJv31wuGH6MKsP0C93XhmLes1UkQBeF1P1YKPCAG4HuqGmnMq7krKLYwpq0ATpnOCllNkcUIlz8QCd-t-2JxfeHRuw338dsZEGjEAmj00u4xkah1JTjg&sai=AMfl-YQgwfsIj92GWRWxuOKj9hgvdZV3CRR8L0aT_RsdXFxgN1ZmcI0ldaVAajhdSxXQpEkrHqnrGyK50dX_eHWjE5OWFLCMtTYv0gMpBR9tkKMSRrBHBKoNEMDwfsgHTnvhA1r3mwDRMoiwWPTvlIWTWvAA&sig=Cg0ArKJSzKk4GUkjhghYEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 19 Nov 2023 08:19:54 GMT
modules.78e2d84033035343416f.js
script.hotjar.com/
225 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.78e2d84033035343416f.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1512996.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-7.yul62.r.cloudfront.net
Software
/
Resource Hash
d41871d2894dc875d0dad73822efe7d3d43c459d53dde0e0d2006cd5c7427e75
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 13:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 4afe58622c53f3abab57af35bd692fb4.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
241188
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
57067
last-modified
Thu, 16 Nov 2023 13:19:14 GMT
etag
"7b69405e970c278e52f057627811a838"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
QXWDXimyPMCoT8mWGX-_Ni1Kh_H2SdKvrJYAndYASJop0djes21iZw==
sync
gum.criteo.com/
73 B
315 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ff662943a24fb10f26be94401b2122363fa8a18960f03d53609fff7fc826e934
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
12052568
expires
60
56187
tag.navdmp.com/u/
511 B
535 B
Script
General
Full URL
https://tag.navdmp.com/u/56187
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48e609cb951cc90235ec4ba644699475f9dbd6d2d685d77aa6d5de628d61845a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 07 Sep 2021 18:45:00 GMT
server
cloudflare
etag
W/"6137b32c-1ff"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
828707e70bc5549d-YYZ
expires
Sun, 19 Nov 2023 09:19:54 GMT
iframe
pixel.mathtag.com/sync/ Frame 8A5B
677 B
1 KB
Document
General
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=fe226559-c52a-4300-b170-b415135d8eeb&no_iframe=1&mt_adid=225031&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1418239&mt_adid=225031&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.87.84.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-84-208.deploy.static.akamaitechnologies.com
Software
MT3 1075 283b7e3 master iad iad-pixel-x7 config_version:"455" /
Resource Hash
3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
677
Content-Type
text/html
Date
Sun, 19 Nov 2023 08:19:54 GMT
Expires
Sun, 19 Nov 2023 08:19:53 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1075 283b7e3 master iad iad-pixel-x7 config_version:"455"
a41e59f0-7f7f-e994-dae8-6f5996c11978
pr-bh.ybp.yahoo.com/sync/openx/ Frame A705
43 B
605 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/a41e59f0-7f7f-e994-dae8-6f5996c11978?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:520a:c711:865a:bf81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame A705
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=680f43c9-f379-c027-2b31-fb3b01a51fd1
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=680f43c9-f379-c027-2b31-fb3b01a51fd1&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=680f43c9-f379-c027-2b31-fb3b01a51fd1&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ACX74TPXE4T834EM3T8K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3WEQYEC9FPAJXXCSYYCN
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=680f43c9-f379-c027-2b31-fb3b01a51fd1&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A705
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=30d93fb4-efd3-7bdd-eb3f-79ac6996d431&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=30d93fb4-efd3-7bdd-eb3f-79ac6996d431&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a902f120-5231-4d73-bf4d-b35c5110e8f0&ttd_puid=30d93fb4-efd3-7bdd-eb3f-79ac6996d431&gdpr=0&gdpr_consent=
43 B
250 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a902f120-5231-4d73-bf4d-b35c5110e8f0&ttd_puid=30d93fb4-efd3-7bdd-eb3f-79ac6996d431&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a902f120-5231-4d73-bf4d-b35c5110e8f0&ttd_puid=30d93fb4-efd3-7bdd-eb3f-79ac6996d431&gdpr=0&gdpr_consent=
date
Sun, 19 Nov 2023 08:19:54 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame A705
170 B
244 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWNiNmVjN2UtMjZhNC0yNTc5LWZlZGYtMjMxNWEzNzQxYTUx
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A705
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECXKohvMNvuy_oxWNNiQeEM&google_cver=1
43 B
181 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECXKohvMNvuy_oxWNNiQeEM&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECXKohvMNvuy_oxWNNiQeEM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pixel.mathtag.com/comp/
0
493 B
Image
General
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.87.84.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-84-208.deploy.static.akamaitechnologies.com
Software
MT3 1075 283b7e3 master iad iad-pixel-x24 config_version:"455" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:19:54 GMT
Server
MT3 1075 283b7e3 master iad iad-pixel-x24 config_version:"455"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Sun, 19 Nov 2023 08:19:53 GMT
selected-alternatives
globo-ab.globo.com/v2/
294 B
834 B
Fetch
General
Full URL
https://globo-ab.globo.com/v2/selected-alternatives?experiments=player-isolated-experiment-02&skipImpressions=true
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.229.88 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
88.229.95.34.bc.googleusercontent.com
Software
/
Resource Hash
5532eaed315fd695a665a8f4d4fca1797cfd97b26ffc0acd93f71a1794e7ecd8
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
strict-transport-security
max-age=300; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
trace-id
489e75d8b6257a60
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
view
securepubads.g.doubleclick.net/pcs/ Frame 601A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6dZmFQlP4I2cah_o8hema8LSquX2wmw-ngzKGDsJ84kvRozlxxK10oM3fuluMNwvrvEP-41giCXJt5bRE5TKL1VD1UhnDfAP4DODlmvdVOeNwGIo1aFa1M-k_l_K99sRnvltcYWvLAf-DePJdXcggAOTD8jurZMD3ZccvuABfKyJLwTmVxfgqixiafaDPFIY6KbklpyI32rwBFi14uug7vTzi1iQ9kTJBqNNHmOTlLnKvm26U4FzNhdFOVUehW6DxSVI40D2BZvDDW_qIvrqK_D6PVIG2PRbGqmH9Kb9nQwof16NcjtkRoz5kmgzzZKzb2aAEsfIyKTk4z80T797DGD4ALXDpFJD8y0Hpm5ZkrFCYzl6cOxOxhhnHAsg&sai=AMfl-YQXF0WqRMSir6T84pzhs9X7twok8Vq9g_9LK_0-tqGAwuiW30LA_3I5Pam1SvSeSIO-5pV39kj2cEFmD9cn8B1qHvpHJ8aDfNVXWi6Gr7tDtJho31hIX-ssj4UNsX4&sig=Cg0ArKJSzCWjZW51j1mXEAE&uach_m=[UACH]&adurl=
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 601A
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:28:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
31904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 23:28:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 601A
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Nov 2023 08:19:54 GMT
12583259961605656572
tpc.googlesyndication.com/simgad/ Frame 601A
45 KB
46 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12583259961605656572
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c253deaf9f11c65430a5d88e297652ff909d5fba8554309e7d7c0d402981f37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:46:43 GMT
x-content-type-options
nosniff
age
19991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46534
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 17:55:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 18 Nov 2024 02:46:43 GMT
l
www.google.com/ads/measurement/ Frame 601A
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvzAa6KanL1eyes2pAYo8oot6GEKMOZkxogLmWvzueN-GV_8HGqGNj0IO_ALmfZolukNh_n7h8rMw3dy-DEa9AZHmA4A
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

truncated
/ Frame 601A
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ed6110c7b4c370b9850df3925474c2abc41b46f5fba6a159138da8d505575ed

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
img
pixel.mathtag.com/comp/ Frame 8A5B
0
494 B
Image
General
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=fe226559-c52a-4300-b170-b415135d8eeb&no_iframe=1&mt_adid=225031&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.87.84.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-84-208.deploy.static.akamaitechnologies.com
Software
MT3 1075 283b7e3 master ord ord-pixel-x33 config_version:"2671" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=fe226559-c52a-4300-b170-b415135d8eeb&no_iframe=1&mt_adid=225031&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:19:54 GMT
Server
MT3 1075 283b7e3 master ord ord-pixel-x33 config_version:"2671"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Sun, 19 Nov 2023 08:19:53 GMT
usr
usr.navdmp.com/
359 B
431 B
Script
General
Full URL
https://usr.navdmp.com/usr?v=9&acc=56187&u=1&new=1&wst=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82b46b23fab2bbaa5c4a40db130fb598b848a304e15228e6b053c4f6e1a0437c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
828707e80c1c549d-YYZ
expires
Sun, 19 Nov 2023 09:19:54 GMT
valor
horizon-track.globo.com/event/
0
336 B
Ping
General
Full URL
https://horizon-track.globo.com/event/valor
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/85725c46f1bcc1991d1953a008c08562.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryLqBAD6yFShCZbxqa

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
x-served-from
hzt-tsuru
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,ADVERTISING_ID,EXT_ID,globoId
content-length
0
1896257967106140
connect.facebook.net/signals/config/
139 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1896257967106140?v=2.9.138&r=stable&domain=valor.globo.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d09a661a5c0272509f4b4189bbf011ba0d535abc7d086af9e80c649cf7a48f63
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 19 Nov 2023 08:19:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
lYVkwrx//LBE13CzgmBYwlwpkCgviEQZcDt7rVf4nnKiFZ7u4g9Xpkr1ASDXBH761rdbs39wFM5Xtif2cxqieg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
i
ivccf.ivcbrasil.org.br/
0
0

view
securepubads.g.doubleclick.net/pcs/ Frame 601A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0KC8DSE13MDEvGFC8Rb98TPmhj6Ac_fPW48vUZ73zIfjv-hNjpyOjZ56Udbl7vjGxaYqbD7gZSnszcLbC1PHSiq2561zyIJI6w2wH84VZeVK6xCzekTQXMnzkPMDWpjS8lEJOmaoW1SKzSABlGwYxRLgc4qHDcbzV1Xmlw09CntwTXF_DhtzJsi4BUNWdd7dYIhH6YnyRlUF9oeggxj1mRA_9tzy9RuGtR7erQiL2WU65dfXiwaOOZhVJoQ-Kd30ECmG-o55SjPpD7gT-klRLjXHUmy9xkOYONUE1C0DAdu-gAeW0NV64e2GdcnWJR3mkmVT0O5oX1_y9PpktgtfhJT0KgxyzV4Y5yg4IMF0GoBTg61rNMRbI3JxHfWoMJQ&sai=AMfl-YR_cdnMwhXQ7tcDQYE_2hzmv_urVIwtEU_LbMQD20Qr0K-kpDHEen_Smo4VOrZ6C2TLG30BrmdCTeJnWdrZCuhEnkBJ3l_NDA5KOxs6kH5zXbjnf-AnHS2C1Ed7dYM&sig=Cg0ArKJSzD5XZ6ShK2z8EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 19 Nov 2023 08:19:54 GMT
req
cdn.navdmp.com/
6 B
77 B
Script
General
Full URL
https://cdn.navdmp.com/req?v=9&id=13aa2e3a646b169b899a92987d10%7C0&acc=56187&tit=Receita%2520exige%2520IRRF%2520sobre%2520direitos%2520credit%25F3rios%2520%257C%2520Legisla%25E7%25E3o%2520%257C%2520Valor%2520Econ%25F4mico&url=https%253A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%253Futm_medium%253Demail%2526_hsmi%253D281529863%2526_hsenc%253Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%2526utm_content%253D281529863%2526utm_source%253Dhs_email&upd=1&new=1&h1=Receita%2520exige%2520IRRF%2520sobre%2520direitos%2520credit%25F3rios
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
828707e91c67549d-YYZ
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=84459534948
  • https://sync2.navdmp.com/sync?prtid=2&id=84459534948&google_gid=CAESEMI8o4HY13r0zh5XRS7WrJw&google_cver=1
6 B
57 B
Script
General
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=84459534948&google_gid=CAESEMI8o4HY13r0zh5XRS7WrJw&google_cver=1
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
828707e9ecc7549d-YYZ
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=84459534948&google_gid=CAESEMI8o4HY13r0zh5XRS7WrJw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=fe226559-c52a-4300-b170-b415135d8eeb
43 B
129 B
Image
General
Full URL
https://sync.navdmp.com/sync?img=1&mdia=fe226559-c52a-4300-b170-b415135d8eeb
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
828707ea8cf5549d-YYZ
content-length
43
content-type
image/gif

Redirect headers

Date
Sun, 19 Nov 2023 08:19:54 GMT
Server
MT3 1075 283b7e3 master iad iad-pixel-x17 config_version:"455"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://sync.navdmp.com/sync?img=1&mdia=fe226559-c52a-4300-b170-b415135d8eeb
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Sun, 19 Nov 2023 08:19:53 GMT
cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
0
284 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date
Sun, 19 Nov 2023 08:19:54 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.87
content-length
344
content-language
en
callback.min.js
s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/ Frame 74F3
87 KB
34 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/callback.min.js
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/login-callback.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
b9f6160b7ea7d0645d6201d24919b7289061f8d021e3c245ad5dd7b00ec66ff2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
gzip
x-openstack-request-id
tx9422912460d849f586397-006559c49d
last-modified
Thu, 01 Apr 2021 19:16:32 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
text/html
x-timestamp
1617304591.88878
cache-control
public, max-age=180
x-trans-id
tx9422912460d849f586397-006559c49d
x-request-id
3c8548e7-67dc-42c1-b880-7f545eb2ea96
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/
244 B
542 B
XHR
General
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=valor.com.br&domain=valor.globo.com&path=%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
59b71b192ab7d1f6499c046138f9cb3c954dfbf618f265907c4c7df049cd78dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
187
x-served-by
cache-yyz4566-YYZ
x-timer
S1700381995.841570,VS0,VE27
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 08:19:54 GMT
dw-check.html
experiences.mrf.io/marfeelpass/statics/ Frame F422
2 KB
1018 B
Document
General
Full URL
https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=3
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7c0515d686fcba9fcc6630d96fb9b37c3e3de1bb867f0fec81bbd6c0a02151a

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
141705
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400, s-maxage=2592000
cf-cache-status
HIT
cf-ray
828707ec3aa436c1-YYZ
content-encoding
gzip
content-type
text/html
date
Sun, 19 Nov 2023 08:19:54 GMT
last-modified
Fri, 17 Nov 2023 16:35:22 GMT
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-envoy-upstream-service-time
2
ingest.php
events.newsroom.bi/
126 B
871 B
XHR
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.95 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy07.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://valor.globo.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
86
compass-multimedia-sdk.js
sdk.mrf.io/statics/
6 KB
3 KB
Script
General
Full URL
https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=809
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45d34bfd3325f274af5887cb4e00c38b978798e12218bb27afc5bf8fbef17bdb

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
gzip
via
1.1 78c24f12c32901deb1cf3a6ac581e590.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
LHR61-C1
age
1703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
12
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 16:03:47 GMT
server
cloudflare
etag
W/"e372d700a1872da5d8a3af649e8e3f46"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
828707ea0cefa22c-YYZ
x-amz-cf-id
Q5glK2f-vD9Z7QtGN0gz0ApjPZBVJy-rspF83_00mY9nUKltT0ZRLw==
ping
ping.chartbeat.net/
43 B
202 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=valor.com.br&p=%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&u=BGeB4dCoKkpcBPv1-j&d=valor.globo.com&g=56624&g0=Valor%20Econ%C3%B4mico%2CLegisla%C3%A7%C3%A3o&g1=Joice%20Bacelo&n=1&f=00001&c=0&x=0&m=0&y=5949&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz-rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&b=6031&_m=email&_x=hs_email&_y=281529863&t=BDkgvd9rmPCC5e2oT7XYYuCMeRX5&V=141&i=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%20%7C%20Legisla%C3%A7%C3%A3o%20%7C%20Valor%20Econ%C3%B4mico&tz=480&_acct=anon&sn=1&sv=DN-osfDqoeppDH6rdtBUcD0LDgoW3R&sd=1&im=061b9eff&_
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.155.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-155-151.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:54 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
load.js
pm-widget.taboola.com/editoraglobonetwork/
13 KB
2 KB
Script
General
Full URL
https://pm-widget.taboola.com/editoraglobonetwork/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdd8a03d4f991abc68b26860acf789b9ab8b01bdb33b59a9f5861e68ca07f6b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
avFu_8YDlMZk2FadaSnJ93_6jfhKujAJ
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:54 GMT
x-amz-request-id
AE3E9D54VPDXVG9H
age
2087
x-cache
HIT
content-length
2158
x-amz-id-2
O2mQmyFylsbQLYX3FmDdoumqVMfYTCtboSoENZsjHbkyD6rEe0hG3ReBJWLTw4SgvJddVlnC8fI=
x-served-by
cache-yyz4571-YYZ
last-modified
Thu, 28 Sep 2023 09:53:53 GMT
server
AmazonS3
x-timer
S1700381995.596346,VS0,VE1
etag
"1a3a4c01368008685ab73c00426c052b"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
impl.20231116-8-RELEASE.js
cdn.taboola.com/libtrc/
819 KB
170 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b64321fd8b690c2b58b4a8f3959e97720b3db0350445ec3947e2e8cc3409107c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
_kI5ttVDhCqEeGHhZcRo5bvH1ylz9ugV
content-encoding
br
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:54 GMT
x-amz-request-id
FMJ1FRYC1MCWY943
age
20088
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173608
x-amz-id-2
ECC/Rl9fmgoVX9wuNPihYnafYNlVdIGqOzXvMsv5pTgdwdTkzrxh5tS91vcP00AqMYn0PLuwgyA=
x-served-by
cache-yyz4571-YYZ
last-modified
Thu, 16 Nov 2023 10:43:36 GMT
server
AmazonS3-br
x-timer
S1700381995.599239,VS0,VE0
etag
"1197218d03012ab8adb967e77a22c1b6"
vary
Accept-Encoding
content-type
application/javascript
abp
89
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
7828
json
trc.taboola.com/editoraglobo-valoreconomico/trc/3/
84 KB
30 KB
XHR
General
Full URL
https://trc.taboola.com/editoraglobo-valoreconomico/trc/3/json?llvl=2&tim=00%3A19%3A54.570&lti=trecs&pubit=n&t=1&data=%7B%22cmps%22%3A2%2C%22id%22%3A%2252897%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1700381994571%2C%22cv%22%3A%2220231116-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email%22%2C%22qs%22%3A%22%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email%22%2C%22vpi%22%3A%22%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5949%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22s%22%3A9%2C%22uim%22%3A%22thumbnails-g%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cd%22%3A2981.83%2C%22mw%22%3A648%7D%5D%2C%22rtui%22%3A%22kTjYTrxfDGPp5Al3kvXbOMspjf_Ouxkw%22%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%2CBelow%20Article%20Thumbnails%3Dthumbnails-g%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1700370089052%2C%22wc%22%3Atrue%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4a29ceb425d054195d839672011fabe9a5bd1af1f7cac8bbba4eec1ac3955950

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
480
date
Sun, 19 Nov 2023 08:19:55 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.17437499999999997
x-fastly-to-nlb-rtt
13574
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4571-YYZ
x-log-content-encoding
gzip
server
nginx
x-timer
S1700381995.608790,VS0,VE480
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
www.facebook.com/tr/
0
186 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1896257967106140&ev=PageView&dl=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&rl=&if=false&ts=1700381994626&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700381994624.569322294&cs_est=true&ler=empty&it=1700381994325&coo=false&rqm=GET
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f171:81:face:b00c:0:25de Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 19 Nov 2023 08:19:55 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
1adc9016349a356fdb69.js
sdk.mrf.io/statics/
51 KB
13 KB
Script
General
Full URL
https://sdk.mrf.io/statics/1adc9016349a356fdb69.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e712940af9f91087b951cd6475c117c6f478d73e5227b9a9171e76cf2deaaa

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
gzip
via
1.1 f5841082dc6315d95b98b8a8232554a4.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
CDG52-P6
age
1700
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
161
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 15 Nov 2023 10:53:43 GMT
server
cloudflare
etag
W/"1a5e799f6b8e64be6d7495ede955375e"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
828707eabd6aa22c-YYZ
x-amz-cf-id
Zz0q9Zr4NnPMJH-9s_aErJogC138oHjeg16TAQ4IFrHfuRyXmOjBzw==
pmk-20220605.13.js
pm-widget.taboola.com/editoraglobonetwork/
102 KB
29 KB
Script
General
Full URL
https://pm-widget.taboola.com/editoraglobonetwork/pmk-20220605.13.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/editoraglobonetwork/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d324e696d8eff869aba1a11fb57ee5ff41d486c1f4c0a4c41e70c705e8194cbd

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
riBLlp2W2iGvHi8DcZSGRiSyaeJmPBap
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:54 GMT
x-amz-request-id
YQ9WQVGWP5ZEDNWF
age
2245739
x-cache
HIT
content-length
28799
x-amz-id-2
m0mhImllW8VyMVr/rsP8XzXXYTMEKEJn1ypGDAXmN0WKAkVbWZAml2m5NHtnDm3PJo81uZN4/j0=
x-served-by
cache-yyz4550-YYZ
last-modified
Thu, 28 Sep 2023 09:53:52 GMT
server
AmazonS3
x-timer
S1700381995.925828,VS0,VE0
etag
"cf865437aa13ed4e856f389bfec9ae01"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
127
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.202.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-202-184.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://valor.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 19 Nov 2023 08:19:55 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/
0
126 B
Fetch
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_valor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.202.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-202-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 19 Nov 2023 08:19:55 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
1.tiny.js
static.infoglobo.com.br/paywall/js/
27 KB
6 KB
Script
General
Full URL
https://static.infoglobo.com.br/paywall/js/1.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.224.151.34.bc.googleusercontent.com
Software
/
Resource Hash
d7ae5a16c1890c44613e6e40818266e052783bbbd2b202836a5a7e014ece53a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-location-rule
static - tiny.js
date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
gzip
x-openstack-request-id
tx231815e605384546b9d10-00654d900e
x-cache-status
HIT
supportspointer
true
x-trans-id
tx231815e605384546b9d10-00654d900e
x-request-id
9f2793b3080fe8f0707b633a89352f95
last-modified
Tue, 31 Oct 2023 13:52:25 GMT
vary
Accept-Encoding, Origin
x-served-from
infoglobo-router-gcp
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-timestamp
1698760344.22648
cache-control
max-age=600
charset
utf-8
expires
Fri, 10 Nov 2023 02:16:08 GMT
18.tiny.js
static.infoglobo.com.br/paywall/js/
6 KB
2 KB
Script
General
Full URL
https://static.infoglobo.com.br/paywall/js/18.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.224.151.34.bc.googleusercontent.com
Software
/
Resource Hash
c1b9adf8339750ad910b2316ceabb71d5e180c2afd37fa69d529601c3f396fd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-location-rule
static - tiny.js
date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
gzip
x-openstack-request-id
tx5f2625a6ffed4443be32b-00654d900d
x-cache-status
HIT
supportspointer
true
x-trans-id
tx5f2625a6ffed4443be32b-00654d900d
x-request-id
e43a04489c16c7fa28febfab6e8fe1e6
last-modified
Tue, 31 Oct 2023 13:52:52 GMT
vary
Accept-Encoding, Origin
x-served-from
infoglobo-router-gcp
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-timestamp
1698760371.54717
cache-control
max-age=600
charset
utf-8
expires
Fri, 10 Nov 2023 02:16:11 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7TMHTJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 19 Nov 2023 07:07:17 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4358
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 19 Nov 2023 09:07:17 GMT
destination
www.googletagmanager.com/gtag/
253 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-47NEHP2QTX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7TMHTJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
971a755a656fa51f00115c69b1e4d52726abe38486fb72f190b28f91d72da7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88270
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 19 Nov 2023 08:19:54 GMT
load
experience.tinypass.com/xbuilder/experience/
4 KB
1 KB
Script
General
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3d802214cdaf6276aa13b5b161820bbc80660cf9429124233334b07a2d7978e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
date
Sun, 19 Nov 2023 08:19:55 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Nov 2023 08:01:41 GMT
server
cloudflare
age
1094
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
828707ed9afca1de-YYZ
alt-svc
h3=":443"; ma=86400
x-request-id
ml4h9wj837
expires
Sun, 19 Nov 2023 08:49:55 GMT
tm13574.js
tag.navdmp.com/
17 KB
5 KB
Script
General
Full URL
https://tag.navdmp.com/tm13574.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/valor/prod/lib-pub-ext-tags-valor-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Sep 2021 18:45:04 GMT
server
cloudflare
age
2056
etag
W/"6137b330-4291"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
828707eb4d33549d-YYZ
expires
Sun, 19 Nov 2023 08:45:38 GMT
dmp.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/
5 KB
3 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/valor/prod/lib-pub-ext-tags-valor-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
7f91f510bf434dc755bdc34f34662d421c483e144a31f09cb0f9a18a79a6b615

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
gzip
x-openstack-request-id
txd9e9bab66d6e4218b3477-006559ae1e
last-modified
Tue, 14 Nov 2023 16:28:21 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1699979300.18991
cache-control
max-age=18000
x-trans-id
txd9e9bab66d6e4218b3477-006559ae1e
x-request-id
911e6c56-ef4a-4b26-b667-b9b2140df588
t3m.js
tags.t.tailtarget.com/
64 KB
11 KB
Script
General
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-12842-2/CT-1047
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/valor/prod/lib-pub-ext-tags-valor-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 07:27:29 GMT
content-encoding
gzip
via
1.1 google
age
3146
x-guploader-uploadid
ABPtcPqhz7f0PpMMASfKoSvnRhq7myqw34nZfmOy42O7SVWFfD7QHKaQ3nxt58mKkb0r-72KTcFXEUqJyQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11157
last-modified
Wed, 16 Feb 2022 19:26:59 GMT
server
nginx/1.8.1
etag
"7baa2c88b7abc79944366989908f0a4f"
vary
Accept-Encoding
x-goog-generation
1645039619237034
x-goog-hash
md5=e6osiLerx5lENmmJkI8KTw==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
11157
accept-ranges
bytes
expires
Sun, 19 Nov 2023 09:27:29 GMT
/
usergate.globo.com/
30 B
305 B
Fetch
General
Full URL
https://usergate.globo.com/
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.44.198.35.bc.googleusercontent.com
Software
/
Resource Hash
a21cb0da011f7f504e66e69b7136a2063ce68d6354a2d10b7cb783f6ca09e2a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
access-control-allow-headers
User-Agent,Content-Type,Cookie,X-App,GLBID,GST
ppub_config
securepubads.g.doubleclick.net/pagead/
1 KB
674 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9783394b55602596983034351126d66a03c4fff21bd4109f536dc90eab7fb9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
649
x-xss-protection
0
expires
Sun, 19 Nov 2023 08:19:54 GMT
card-interference-detector.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99421b40f443184550985570b0be696135f3d6a5b7cad183cbd1486160b11524

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
R9SKJbVn7wsZClWtkNH9g3bwoJOOzi72
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:54 GMT
x-amz-request-id
PPEVD542YQ4SPH92
age
250023
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2181
x-amz-id-2
u6BWSuNS0JdlIy4xbjftEI89+5Pzb4ppCD1g7LUxXF3UqrqdZg6ix3aTg3VoAVJFK9RnIL2tY7U=
x-served-by
cache-yyz4571-YYZ
last-modified
Thu, 16 Nov 2023 10:44:08 GMT
server
AmazonS3
x-timer
S1700381995.810641,VS0,VE0
etag
"1926c255287ac415d8d500472d03158f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
57
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
23363
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/1adc9016349a356fdb69.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
747dca702ebf4e0af93d9f328eb715bdfe8b46c4dde12f85801bf9efb6b69711
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-qCZ-JsguuZPw_kjmnEfUPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sun, 19 Nov 2023 08:19:55 GMT
usermatch.gif
beacon.krxd.net/
0
339 B
Script
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=false
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.189.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-189-89.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
beacon-n034-ash-prod.krxd.net
date
Sun, 19 Nov 2023 08:19:55 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1700381995
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usr
usr.navdmp.com/
55 B
174 B
Script
General
Full URL
https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae8cfd578c1c05dda21096f7195870ebb1c06489da9b6e5cc66e7c390b1791f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Sun, 19 Nov 2023 08:19:55 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
max-age=3600
act
f0
cf-ray
828707ed0dcb549d-YYZ
expires
Sun, 19 Nov 2023 09:19:55 GMT
advertising.js
www.npttech.com/
6 KB
3 KB
Script
General
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WHQFJVQFQG4VN1MW
age
7002
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IJ4cOpfzW67u9e9AafDxFjDQdSq1cUzVtsFq2IDP41z/8koVVNqCGk7dih2YpbxCIUN1ryTIvCY=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTI0nXKlGUwa9jj2op4t1kJjRFzByZhV%2BIpy0M8NSdKCOfeoqtYQgNgUcVFEyp4XyfKa%2FH0Jd%2FuAnJ%2BlUQVDvdgB2SZUEavHHMSfNOVnvr9kJ2NJhINWAsH%2FJfMHwjIbUcujPinwbqP%2BdATGrIU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
828707efcb2ba1e0-YYZ
d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/
1 MB
277 KB
Script
General
Full URL
https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611dbfe2dff7e4e45b65030f4d49644d83eb5b27c5ec0a139bbf3140e72d6bb0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
d39f98ec-9259-4f8b-896d-7ab58be1f900
age
0
x-guploader-uploadid
ABPtcPrPV0Fqk_15yv9UeXsjJFKC5doPqoTt8ukwV-Juv7qfiji8JA5G-yC_AlxEzEj4RMmf3cwu1vC_SoR2KOSJnE0SWg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
283222
last-modified
Sat, 18 Nov 2023 17:21:43 GMT
server
cloudflare
etag
"78bc3939eb92021a021a40e50c16e7a0"
vary
Accept-Encoding
x-goog-generation
1700328103663342
content-type
application/javascript
x-goog-hash
crc32c=NVbSag==, md5=eLw5OeuSAhoCGkDlDBbnoA==
cache-control
public, max-age=900
x-goog-stored-content-length
283222
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707f04c6739ef-YYZ
expires
Sun, 19 Nov 2023 08:34:55 GMT
collect
www.google-analytics.com/g/
0
172 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-47NEHP2QTX&gtm=45je3b81v880470818z8893763177&_p=1700381992640&gcd=11l1l1l1l1&dma=0&cid=2088517343.1700381993&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700381995&sct=1&seg=0&dl=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&dt=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%20%7C%20Legisla%C3%A7%C3%A3o%20%7C%20Valor%20Econ%C3%B4mico&en=Eventos%20Piano&_fv=1&_ss=1&ep.event_category=Piano&ep.event_action=Cobertura_API_Sem&ep.event_label=SemClientId&tfd=6562
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-47NEHP2QTX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:55 GMT
x-amz-request-id
Q89PZAPY13C01VBS
age
2922
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
WyW+sQit27+5QQaPOprDWlxQkOlwneaUZDqksoV7u0dxhY+oAngI45yJEW41JVZdfQSdWufJIXs=
x-served-by
cache-yyz4550-YYZ
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1700381995.211408,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
80
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1012
eid.es5.js
cdn.taboola.com/scripts/
17 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:55 GMT
x-amz-request-id
F0ERNPAEKW73Z8P2
age
18205
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
plsZvdnyCt2i8Bpor4XZ/Hw8FQ82hV+hAUU7z72e8PcCioobdkLHvDkUimb10ggYrfGsRVEk5hI=
x-served-by
cache-yyz4550-YYZ
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700381995.209636,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
64
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
10177
fraud-detect.js
cdn.taboola.com/scripts/
121 B
424 B
Script
General
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:55 GMT
x-amz-request-id
S9J5BFAA7WPTMDGJ
age
17035
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
wWtPRy+nUtfHDp77gPzlWCF3v6EWhngazARKv0aGBw+bq/wfsPbkn4AZ0roXloZfIZagWP16wbs=
x-served-by
cache-yyz4550-YYZ
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1700381995.211423,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
55
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
7404
social
ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/
0
523 B
Ping
General
Full URL
https://ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/social?lti=trecs&ri=c2906a34ec1e69f432e2731a1fb0b202&sd=v2_f47a3b7de51b1e731b0db9120841a992_9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa_1700381994_1700381994_CNawjgYQjv9JGMvcqLW-MSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoi7KQoMnujt4ucAE&ui=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&pi=%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&wi=-3734485881655432455&pt=text&vi=1700381994571&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%22%2C%22sec%22%3A%22legislacao%22%2C%22aut%22%3A%5B%22Joic%20Bacelo%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs2-valor.glbimg.com%2FHfgV3hic6k3R0M19E_AHIwoBjh4%3D%2F1200x%2Fsmart%2Ffilters%3Acover()%3Astrip_icc()%2Fi.s3.glbimg.com%2Fv1%2FAUTH_63b422c2caee4269b8b34177e8876b93%2Finternal_photos%2Fbs%2F2023%2FR%2FQ%2FhJLkszQyaTJTmSOyPGkA%2Ffoto14leg-201-julga-e1.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://valor.globo.com
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/
451 B
620 B
Stylesheet
General
Full URL
https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:55 GMT
x-amz-request-id
7N92W09MEAK02MDY
age
14356
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
222
x-amz-id-2
cT2xC9fd+R9CQ3rXMgSK5ARgfryGIYEatWkbEMw5vuIAcmJ++t9x2yU5hSkcN/jL/dDaOD6pr/M=
x-served-by
cache-yyz4571-YYZ
last-modified
Tue, 07 Jul 2020 17:40:49 GMT
server
AmazonS3
x-timer
S1700381995.226161,VS0,VE0
etag
"1802e318f880ad7e5c7030e9da649cf6"
vary
Accept-Encoding
content-type
text/css
abp
57
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
4
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.7/
129 KB
35 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/4.5.7/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
709ce82adb613a29043fe6a6cd62f839d821b07308311298dbf55bafa5148c5f

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 44500049c6ef1f11906a2f915943ffbe.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
YTO50-C2
age
429971
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
35012
x-served-by
cache-yyz4550-YYZ
last-modified
Tue, 14 Nov 2023 08:52:22 GMT
server
AmazonS3
x-timer
S1700381995.253198,VS0,VE0
etag
"ff10c242c389c7b4e3b60247f17b8625"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
7NcLqTWaSxtCW5MZ_tzvwXZHr488K1K9oiidr3KrTV9h3aqMXLaV8A==
x-cache-hits
6774
userx.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b47c015ef4aa39c3a3bd1c0e61b78a362027892650a3d892cfa9ae812fe40dce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
X6PWjf0XKt3BYd3PuYnS8efzykFumCfC
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:55 GMT
x-amz-request-id
CR9NFQGAKRD93W6H
age
250413
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5397
x-amz-id-2
pO1InHjNgpi43WZ98wdJYrJE/32HyX9lXb333SCTTZ+RkTWjN/QZw8N+XrHNTlSwTqnvbNpjH3k=
x-served-by
cache-yyz4571-YYZ
last-modified
Thu, 16 Nov 2023 10:43:31 GMT
server
AmazonS3
x-timer
S1700381995.252577,VS0,VE0
etag
"5ea2b7f5f7ca4d76996fc670b2ebc373"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
47
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
23737
distance-from-article.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7af59f6e1af5ff207fdf5079363a3660bf9139eb4c70e6e7cf7d8f4a2b2c9481

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
U1od7zFn.E3CrGutJ0uTEJm7AoMMR7dZ
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:55 GMT
x-amz-request-id
QS737HCSMDEEXARA
age
250488
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1132
x-amz-id-2
cN3bu7VNCImqURNh1WfmttrWsc/pdolNACK2VCzqeSv84+8SO7AldHCMkBPI3MYksCG2Sy7c0Us=
x-served-by
cache-yyz4571-YYZ
last-modified
Thu, 16 Nov 2023 10:44:04 GMT
server
AmazonS3
x-timer
S1700381995.255396,VS0,VE0
etag
"efa6760390ae7acf98dc5d392f96a63a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
73
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
102802
article-detection.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eb9653dcf9e6f0a00d34e3edaa6613bd6dca5c74b05cd5670af3d963a97e528

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
w.KPU407iD4toCcejeuMXCyx6pJjTU8_
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:55 GMT
x-amz-request-id
QS76AD6KSTN8Q0FD
age
250488
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1291
x-amz-id-2
fYNaUuguWkkL5xvo2E6991IhFa6X7ZdYO7qTO//x2ZUieqYbP1DnlVatwW1fQkUr7odklZa3LjU=
x-served-by
cache-yyz4571-YYZ
last-modified
Thu, 16 Nov 2023 10:44:12 GMT
server
AmazonS3
x-timer
S1700381995.255371,VS0,VE0
etag
"e8a34824a44d39e9d49b93d0c2e34a81"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
52
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
102768
explore-more.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
26 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3df19cbda74c943d3de0afd5990621355a70da8a743580d10be83fbe71dd500d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
IbO7Zx6pA8T1_CyNANAESeFyxJwLLZ4H
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:55 GMT
x-amz-request-id
QS7BC0SH3HNA531F
age
250488
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7706
x-amz-id-2
LPn031yoF/zxxDC5bbQTVEswfD3m95ZZ55RUk00rfYtm9G6p3ygb5Lr265DaERwlJk1F9AQ7GWk=
x-served-by
cache-yyz4571-YYZ
last-modified
Thu, 16 Nov 2023 10:44:01 GMT
server
AmazonS3
x-timer
S1700381995.255345,VS0,VE0
etag
"d7169d870c1ac2f73408c07cf1b991fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
80
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
43027
feed-card-placeholder.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d6ba5913127b81a76b25ab72bd7352876690efb0e42d1825f7618b5cbd52f85

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
dWmQPNr6R4sqfxHfo.2ROmBoVj1CnrRT
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:55 GMT
x-amz-request-id
QS79YD89JPK4GYTD
age
250488
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1261
x-amz-id-2
SQdvEE5ij91nbVQfsanonqIGmQymMw4hsFtN1LXbeU8Qbi+eYCEXj2ecOBEOAwefS2WHn7HIbts=
x-served-by
cache-yyz4571-YYZ
last-modified
Thu, 16 Nov 2023 10:43:59 GMT
server
AmazonS3
x-timer
S1700381995.256158,VS0,VE0
etag
"a106089876c08b590425b51ba81277ff"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
57
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
87265
feed-view.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
23 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-view.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80627bee1c974558a5409a1be1ede96a1c9794307d143c2d91fa6024907cf375

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
RsGHOX0GG8K9SWUvOtXqhipYwsKHaL4X
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:55 GMT
x-amz-request-id
QS71K2MVVX9WV4AE
age
250488
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6562
x-amz-id-2
M09mWD8jz7n2MarkgWpAQKZKXcBD1+CeO0tH4V+4y0FaNc38VypQL/oUzJL/a1narHJFJemNAD0=
x-served-by
cache-yyz4571-YYZ
last-modified
Thu, 16 Nov 2023 10:43:56 GMT
server
AmazonS3
x-timer
S1700381995.260304,VS0,VE0
etag
"7cd191fb3bb17493103e1d5031db766f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
92
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
36068
abtests
ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/
0
508 B
Image
General
Full URL
https://ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/abtests?route=US:CH:V&tvi48=10638&tvi50=9864&lti=trecs&ri=c2906a34ec1e69f432e2731a1fb0b202&sd=v2_f47a3b7de51b1e731b0db9120841a992_9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa_1700381994_1700381994_CNawjgYQjv9JGMvcqLW-MSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoi7KQoMnujt4ucAE&ui=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&pi=/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml&wi=-3734485881655432455&pt=text&vi=1700381994571&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1700381995202%7D&tim=00%3A19%3A55.202&id=5286&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/
0
507 B
Image
General
Full URL
https://ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/supply-feature?route=US:CH:V&tvi48=10638&tvi50=9864&lti=trecs&ri=c2906a34ec1e69f432e2731a1fb0b202&sd=v2_f47a3b7de51b1e731b0db9120841a992_9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa_1700381994_1700381994_CNawjgYQjv9JGMvcqLW-MSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoi7KQoMnujt4ucAE&ui=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&pi=/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml&wi=-3734485881655432455&pt=text&vi=1700381994571&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=00%3A19%3A55.223&id=5224&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/
0
523 B
Ping
General
Full URL
https://ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/metrics?route=US%3ACH%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://valor.globo.com
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/
0
523 B
Ping
General
Full URL
https://ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/abtests?route=US%3ACH%3AV&lti=trecs&tvi48=10638&tvi50=9864&ri=c2906a34ec1e69f432e2731a1fb0b202&sd=v2_f47a3b7de51b1e731b0db9120841a992_9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa_1700381994_1700381994_CNawjgYQjv9JGMvcqLW-MSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoi7KQoMnujt4ucAE&ui=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&pi=%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&wi=-3734485881655432455&pt=text&vi=1700381994571&tim=00%3A19%3A55.183&id=1816&llvl=2&cv=20231116-8-RELEASE&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22brsd%22%2C%22type%22%3A%7B%22esv%22%3A%22ES2021%22%2C%22c%22%3Atrue%2C%22ss%22%3Atrue%2C%22ls%22%3Atrue%7D%2C%22eventTime%22%3A1700381995183%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://valor.globo.com
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
social
ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/
0
507 B
Image
General
Full URL
https://ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/social?route=US:CH:V&tvi48=10638&tvi50=9864&lti=trecs&ri=c2906a34ec1e69f432e2731a1fb0b202&sd=v2_f47a3b7de51b1e731b0db9120841a992_9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa_1700381994_1700381994_CNawjgYQjv9JGMvcqLW-MSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoi7KQoMnujt4ucAE&ui=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&pi=/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml&wi=-3734485881655432455&pt=text&vi=1700381994571&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%22%2C%22sec%22%3A%22legislacao%22%2C%22aut%22%3A%5B%22Joic%20Bacelo%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs2-valor.glbimg.com%2FHfgV3hic6k3R0M19E_AHIwoBjh4%3D%2F1200x%2Fsmart%2Ffilters%3Acover()%3Astrip_icc()%2Fi.s3.glbimg.com%2Fv1%2FAUTH_63b422c2caee4269b8b34177e8876b93%2Finternal_photos%2Fbs%2F2023%2FR%2FQ%2FhJLkszQyaTJTmSOyPGkA%2Ffoto14leg-201-julga-e1.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=00%3A19%3A55.254&id=3380&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
59a1c6782409fe560505ff4334fea1fb.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
6 KB
7 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59a1c6782409fe560505ff4334fea1fb.png
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
220b591ef26fc7da309f1fa8316c36cb6077411fcb626774bbd54b65426f3bd5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59a1c6782409fe560505ff4334fea1fb.png
age
2515919
edge-cache-tag
357084976643122718720566947842504474975,292136263367824640546384314487918184760,29ecf9b93bbf306179626feeda1fab70
cache-tag
357084976643122718720566947842504474975,292136263367824640546384314487918184760,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
92
req-referer
https://pubads.g.doubleclick.net/
content-length
6640
x-request-id
385c8d503d4e3c300cd3f17c3792cf40
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100055-IAD, cache-iad-kjyo7100055-IAD, cache-lga21979-LGA, cache-iad-kiad7000021-IAD, cache-yyz4571-YYZ
last-modified
Wed, 20 Sep 2023 06:52:39 GMT
server
nginx
surrogate-reporting
width=240,height=160,bytes=9630,owidth=1200,oheight=627,obytes=683385
x-timer
S1700381995.426583,VS0,VE1
etag
"9b1471657f1b3f42b57ee8747925b0eb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 10, 1
fingers-personality.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tips-and-tricks.co/2019/03/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tips-and-tricks.co/2019/03/fingers-personality.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9659dc6db64ba0d3843f9922284b6d880f3123aebd75e40916bc99d6b1276025

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tips-and-tricks.co/2019/03/fingers-personality.jpg
age
4527340
edge-cache-tag
347347307854726553258851972426006708747,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
cache-tag
347347307854726553258851972426006708747,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
54
expiration
expiry-date="Mon, 23 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.marca.com/en/football/2023/10/18/652f615d268e3e43418b458c.html
content-length
5186
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100081-IAD, cache-iad-kjyo7100081-IAD, cache-sna10744-LGB, cache-iad-kjyo7100154-IAD, cache-yyz4571-YYZ
last-modified
Fri, 22 Sep 2023 01:57:08 GMT
server
nginx
surrogate-reporting
width=480,height=320,bytes=14518,owidth=600,oheight=320,obytes=16839
x-timer
S1700381995.433625,VS0,VE1
etag
"5e694a134ed4540bca389d455cd37b97"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 29, 1, 8, 1
Salma%252BHayek%25252C%252Bmore%252Bnatural%252Band%252Bconfident%252Bthan%252Bever-0.jpg
images.taboola.com/taboola/image/fetch/h_160,w_240,c_fill,g_xy_center,x_902,y_503/https%3A//1.bp.blogspot.com/-VCc83diQe2c/YTpzV15y9PI/AAAAAAAGmR0/HIzqX0KksWYiAEv5JHUDc9VK8y0FjJQ2wCLcBGAsYHQ/s1616/
7 KB
7 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_160,w_240,c_fill,g_xy_center,x_902,y_503/https%3A//1.bp.blogspot.com/-VCc83diQe2c/YTpzV15y9PI/AAAAAAAGmR0/HIzqX0KksWYiAEv5JHUDc9VK8y0FjJQ2wCLcBGAsYHQ/s1616/Salma%252BHayek%25252C%252Bmore%252Bnatural%252Band%252Bconfident%252Bthan%252Bever-0.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
90d3a6dfecc505f3ecc370ebba908aae85b325b408f43eda8094ca9d70c4b64e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_160,w_240,c_fill,g_xy_center,x_902,y_503/https%3A//1.bp.blogspot.com/-VCc83diQe2c/YTpzV15y9PI/AAAAAAAGmR0/HIzqX0KksWYiAEv5JHUDc9VK8y0FjJQ2wCLcBGAsYHQ/s1616/Salma%252BHayek%25252C%252Bmore%252Bnatural%252Band%252Bconfident%252Bthan%252Bever-0.jpg
age
1633795
edge-cache-tag
576227435895553977153297930533031422550,375742674100210537462037917591901294052,29ecf9b93bbf306179626feeda1fab70
cache-tag
576227435895553977153297930533031422550,375742674100210537462037917591901294052,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
53
expiration
expiry-date="Tue, 21 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/
content-length
6664
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200165-IAD, cache-iad-kiad7000120-IAD, cache-lax-kwhp1940102-LAX, cache-iad-kiad7000068-IAD, cache-yyz4571-YYZ
last-modified
Sat, 21 Oct 2023 10:24:33 GMT
server
nginx
surrogate-reporting
width=240,height=160,bytes=17403,owidth=1616,oheight=1022,obytes=57992
x-timer
S1700381996.505680,VS0,VE1
etag
"70af1d8d1f25d92fd0a71bda506e8818"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 46, 1
bded29a2e4114a0bfd542e4f42039557.jpg
images.taboola.com/taboola/image/fetch/h_160,w_240,c_fill,g_xy_center,x_1380,y_675/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_160,w_240,c_fill,g_xy_center,x_1380,y_675/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bded29a2e4114a0bfd542e4f42039557.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1fbb2b4285833122a29d3225f0f64fbfd145042ffbfd3fc340b4eb9d61c9fae0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_160,w_240,c_fill,g_xy_center,x_1380,y_675/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bded29a2e4114a0bfd542e4f42039557.jpg
age
1526118
edge-cache-tag
451461976825475699065814827338418792742,332322685954764793831562068882990688568,29ecf9b93bbf306179626feeda1fab70
cache-tag
451461976825475699065814827338418792742,332322685954764793831562068882990688568,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
108
expiration
expiry-date="Mon, 27 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.marca.com/en/basketball/nba/los-angeles-lakers/2023/10/17/652ec27146163f366c8b45f9.html
content-length
4560
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200056-IAD, cache-iad-kiad7000151-IAD, cache-chi-klot8100069-CHI, cache-iad-kjyo7100049-IAD, cache-yyz4571-YYZ
last-modified
Fri, 27 Oct 2023 06:17:42 GMT
server
nginx
surrogate-reporting
width=240,height=160,bytes=13540,owidth=2400,oheight=1350,obytes=354442
x-timer
S1700381996.509117,VS0,VE1
etag
"33837c72e109e17081dcbf30c3c37cd9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 7, 1
c03550b93faed97f3350d270212b8167.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c03550b93faed97f3350d270212b8167.png
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
50dbe4629a7faf36662da5028d0286b5209d4ba33f8ce508c19e176e65d49bb2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c03550b93faed97f3350d270212b8167.png
age
1508829
edge-cache-tag
371295888373837894581386564384192317471,292136263367824640546384314487918184760,29ecf9b93bbf306179626feeda1fab70
cache-tag
371295888373837894581386564384192317471,292136263367824640546384314487918184760,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
130
req-referer
https://www.realclearpolitics.com/
content-length
12692
x-request-id
7e57dbd68d4dbee449df81ced9306978
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000129-IAD, cache-iad-kiad7000136-IAD, cache-lga21971-LGA, cache-iad-kiad7000129-IAD, cache-yyz4571-YYZ
last-modified
Tue, 03 Oct 2023 07:27:28 GMT
server
nginx
surrogate-reporting
width=240,height=160,bytes=17314,owidth=1176,oheight=558,obytes=527219
x-timer
S1700381996.512148,VS0,VE1
etag
"da147a1bd87f5d396f3a4ddf3c751e4e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 32, 1
491bc3b184363b8086d1225a89845827.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/491bc3b184363b8086d1225a89845827.png
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e42cf3976b8c8bef71d2ecf2eb176043d2307d4506590b878d4d5788ebbab233

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
267
date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/491bc3b184363b8086d1225a89845827.png
age
0
edge-cache-tag
616314294887260903722427663718289139659,292136263367824640546384314487918184760,29ecf9b93bbf306179626feeda1fab70
cache-tag
616314294887260903722427663718289139659,292136263367824640546384314487918184760,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, MISS
x-envoy-upstream-service-time
224
expiration
expiry-date="Sat, 09 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://valor.globo.com/
content-length
6930
x-backend-name
CH_nlb804
x-served-by
cache-iad-kcgs7200178-IAD, cache-iad-kiad7000020-IAD, cache-lga21955-LGA, cache-iad-kiad7000128-IAD, cache-yyz4571-YYZ
last-modified
Wed, 08 Nov 2023 04:34:47 GMT
server
nginx
surrogate-reporting
width=240,height=160,bytes=8247,owidth=1200,oheight=800,obytes=1016118
x-timer
S1700381996.589390,VS0,VE267
etag
"78bb36901bafc7b146134cf3fc1722d2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 0
ff568e3b392a5e5dfc452a8d6454d64f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff568e3b392a5e5dfc452a8d6454d64f.png
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3e7b76df538ae6607ca2f5db9515a3ef674f2d054cd985f512dfc40d39869f1f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
17
date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff568e3b392a5e5dfc452a8d6454d64f.png
age
1479866
edge-cache-tag
417872530199758488581300522863590533112,292136263367824640546384314487918184760,29ecf9b93bbf306179626feeda1fab70
cache-tag
417872530199758488581300522863590533112,292136263367824640546384314487918184760,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time
107
expiration
expiry-date="Mon, 23 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.realclearpolitics.com/
content-length
8872
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200164-IAD, cache-iad-kcgs7200091-IAD, cache-chi-kigq8000176-CHI, cache-iad-kjyo7100024-IAD, cache-yyz4571-YYZ
last-modified
Fri, 22 Sep 2023 10:37:03 GMT
server
nginx
surrogate-reporting
width=240,height=160,bytes=13683,owidth=1200,oheight=627,obytes=1017162
x-timer
S1700381996.589380,VS0,VE17
etag
"a25d451c6c8b38c1a43c95be0f96060a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 20, 0
3e6ec9386de9bc5ec50eba298929aafe.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e6ec9386de9bc5ec50eba298929aafe.png
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96bb900ecd2c69b403611de7edc024e0af7f4d9c27a9f20dd30cde67053a0ca1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e6ec9386de9bc5ec50eba298929aafe.png
age
2052841
edge-cache-tag
452480017303209980687000688054588359435,292136263367824640546384314487918184760,29ecf9b93bbf306179626feeda1fab70
cache-tag
452480017303209980687000688054588359435,292136263367824640546384314487918184760,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
257
req-referer
https://www.rmf24.pl/
content-length
7688
x-request-id
4cfcd06bb0e814792134f396dca3e2a2
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200059-IAD, cache-iad-kcgs7200132-IAD, cache-lax-kwhp1940107-LAX, cache-iad-kjyo7100070-IAD, cache-yyz4571-YYZ
last-modified
Thu, 19 Oct 2023 01:29:04 GMT
server
nginx
surrogate-reporting
width=240,height=160,bytes=9174,owidth=1238,oheight=763,obytes=506834
x-timer
S1700381996.591964,VS0,VE1
etag
"5eaf09a632789413492b515b5eef1c83"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 116, 1
qraxbloqin5qpl2jpwyg.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1698832964/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1698832964/qraxbloqin5qpl2jpwyg.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f2af01c7f702a43aac8fc6b9a28e8bab64c460dcce821b1be1e4770d9d425730

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1698832964/qraxbloqin5qpl2jpwyg.jpg
age
155978
edge-cache-tag
484112837702745910209277506601872563883,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
cache-tag
484112837702745910209277506601872563883,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
208
expiration
expiry-date="Sat, 02 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.marca.com/en/lifestyle/celebrities/2023/10/15/652bf91846163fe1688b45c0.html
content-length
5254
x-backend-name
US_nlb104
x-served-by
cache-iad-kjyo7100140-IAD, cache-iad-kiad7000039-IAD, cache-ewr18121-EWR, cache-iad-kiad7000147-IAD, cache-yyz4571-YYZ
last-modified
Wed, 01 Nov 2023 10:19:38 GMT
server
nginx
surrogate-reporting
width=675,height=450,bytes=24246,owidth=800,oheight=450,obytes=25808
x-timer
S1700381996.633339,VS0,VE2
etag
"dc580a312123f3f496265f4f027259f7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 0, 1
janja.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s2-valor.glbimg.com/B3KoTdKvnobtGkFJPh54KediFtw%3D/1200x/smart/filters%3Acover%2...
71 KB
72 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s2-valor.glbimg.com/B3KoTdKvnobtGkFJPh54KediFtw%3D/1200x/smart/filters%3Acover%28%29%3Astrip_icc%28%29/i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/V/t/5UEas7SLmJi3Gi8qr7DA/janja.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aeadcdf0eb9f4e120c4e645ae666214d4bc179d68a887eaedbd199c1fa09d9ca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s2-valor.glbimg.com/B3KoTdKvnobtGkFJPh54KediFtw%3D/1200x/smart/filters%3Acover%28%29%3Astrip_icc%28%29/i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/V/t/5UEas7SLmJi3Gi8qr7DA/janja.jpg
age
359107
edge-cache-tag
318708693939484014730046729448643163383,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
318708693939484014730046729448643163383,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
1355
req-referer
https://valor.globo.com/financas/criptomoedas/noticia/2023/10/31/bitcoin-tem-segundo-melhor-ms-do-ano-ao-acumular-alta-de-286-pontos-percentuais-em-outubro.ghtml
content-length
73090
x-request-id
58d777b95a3e7e76af4df0e35a566f15
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000165-IAD, cache-iad-kiad7000111-IAD, cache-chi-klot8100025-CHI, cache-iad-kiad7000071-IAD, cache-yyz4571-YYZ
last-modified
Wed, 15 Nov 2023 00:22:53 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=88129,owidth=1200,oheight=857,obytes=227491
x-timer
S1700381996.633319,VS0,VE2
etag
"e443bfbd9ddd610f2a620de77c252b03"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 24, 1
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame DBFD
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZVnFLMCo8YQAAPcmuAcAAAAA
0
375 B
Image
General
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZVnFLMCo8YQAAPcmuAcAAAAA
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20677

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 19 Nov 2023 08:19:56 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"70.25.255.186","key":"ZVnFLMCo8YQAAPcmuAcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad449"}
X-SO-Key
ZVnFLMCo8YQAAPcmuAcAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad449
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZVnFLMCo8YQAAPcmuAcAAAAA
Cache-Control
private
X-SO-HostName
m-ad449.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng32.dc4p.scaleout.jp
X-SO-IP
70.25.255.186
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame DBFD
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=9911a809bd264a848d...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=9911a809bd264a848d1571c9e98f21ca
0
366 B
Image
General
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=9911a809bd264a848d1571c9e98f21ca
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
26054

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=9911a809bd264a848d1571c9e98f21ca
date
Sun, 19 Nov 2023 08:19:56 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame DBFD
0
0
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.53 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame DBFD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP57JAYC-21-7NJN
0
375 B
Image
General
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP57JAYC-21-7NJN
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21250

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP57JAYC-21-7NJN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
Expires
0
/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame DBFD
Redirect Chain
  • https://trace.mediago.io/ju/cs/taboola
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1b7de7e8fc0c48492gttf900lp57jd2x
0
375 B
Image
General
Full URL
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1b7de7e8fc0c48492gttf900lp57jd2x
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21250

Redirect headers

date
Sun, 19 Nov 2023 08:19:56 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1b7de7e8fc0c48492gttf900lp57jd2x
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
sync.taboola.com/sg/google-network/1/rtb-h/ Frame DBFD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEMcwGElTEYjgICD8s_I_1kM&google_cver=1
0
375 B
Image
General
Full URL
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEMcwGElTEYjgICD8s_I_1kM&google_cver=1
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16813

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEMcwGElTEYjgICD8s_I_1kM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
101956
jadserve.postrelease.com/dmp/ Frame DBFD
43 B
536 B
Image
General
Full URL
https://jadserve.postrelease.com/dmp/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.219.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-219-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:56 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DBFD
42 B
246 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa:$UID
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:19:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame DBFD
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa
date
Sun, 19 Nov 2023 08:19:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16813
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame DBFD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a902f120-5231-4d73-bf4d-b35c5110e8f0
0
386 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a902f120-5231-4d73-bf4d-b35c5110e8f0
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 varnish
x-served-by
cache-yyz4571-YYZ
server
nginx
x-timer
S1700381995.411353,VS0,VE15
x-fastly-to-nlb-rtt
13585
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v2
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a902f120-5231-4d73-bf4d-b35c5110e8f0
date
Sun, 19 Nov 2023 08:19:55 GMT
server
Kestrel
content-length
239
rtset
bh.contextweb.com/bh/ Frame DBFD
49 B
692 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-m27bx
expires
-1
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DBFD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%...
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8c555a98-0f5a-4eab-b702-853c1da88aac&gdpr=0&gdpr_consent=&us_privacy=
0
375 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8c555a98-0f5a-4eab-b702-853c1da88aac&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28146

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:55 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8c555a98-0f5a-4eab-b702-853c1da88aac&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
881876
content-length
0
expires
Sun, 19 Nov 2023 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame DBFD
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F6%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/441/6/2.gif?puid=u_09202f15-366e-4fe3-9aab-4802ddfbd89e&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/5/3.gif?puid=B15F63C19F3A171F&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/464/108/4/4.gif?puid=566c06e1-5ef0-4571-90a4-d38b649d97c6&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=a902f120-5231-4d73-bf4d-b35c5110e8f0&ttl=%%TTL%%
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/464/434/2/6.gif?puid=23654a88-16f7-4171-9ec0-35f1dab47de3&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F1%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/1/7.gif?puid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/0/8.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/0/8.gif?puid=1226190852069536688&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-3dc49VhND7ObvzVLuuPvi6zyVn_Augu4CEDPTwZKGw
0
373 B
Image
General
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-3dc49VhND7ObvzVLuuPvi6zyVn_Augu4CEDPTwZKGw
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
42421

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-3dc49VhND7ObvzVLuuPvi6zyVn_Augu4CEDPTwZKGw
date
Sun, 19 Nov 2023 08:20:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame DBFD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26u...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26u...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=64c94da1-7249-5343-9f35-6a97fa6cafba&ssp=taboola&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
375 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
34892

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Sun, 19 Nov 2023 08:19:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame DBFD
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e92716a1-90a5-454d-aeae-7252ed358333
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e92716a1-90a5-454d-aeae-7252ed358333&tbid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&query=taboola_hm%3De92716a1-90a5-...
0
106 B
Image
General
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e92716a1-90a5-454d-aeae-7252ed358333&tbid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&query=taboola_hm%3De92716a1-90a5-454d-aeae-7252ed358333&isDirect=0
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 19 Nov 2023 08:19:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1700381997.005620,VS0,VE40
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yyz4571-YYZ

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e92716a1-90a5-454d-aeae-7252ed358333&tbid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&query=taboola_hm%3De92716a1-90a5-454d-aeae-7252ed358333&isDirect=0
date
Sun, 19 Nov 2023 08:19:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31693
xuid
eb2.3lift.com/ Frame DBFD
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 19 Nov 2023 08:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Sun, 19 Nov 2023 08:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame DBFD
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=b7e3dc97-05d2-4a8a-9991-782ac8eb7085
0
375 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=b7e3dc97-05d2-4a8a-9991-782ac8eb7085
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28224

Redirect headers

date
Sun, 19 Nov 2023 08:19:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=b7e3dc97-05d2-4a8a-9991-782ac8eb7085
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
30emp-100-aeris-b2-img01.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s2-valor.glbimg.com/acX4_8uvOU-H00rsY7lcXFgRXwo%3D/1200x/smart/filters%3Acover%2...
92 KB
93 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s2-valor.glbimg.com/acX4_8uvOU-H00rsY7lcXFgRXwo%3D/1200x/smart/filters%3Acover%28%29%3Astrip_icc%28%29/i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2021/b/x/tpWIIdSsCEHGnrM802CA/30emp-100-aeris-b2-img01.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
00ee2ba595e74586a6afcc0ba4acd373cb49bf40e10b4ddd35cde8f2cc05e4d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
17
date
Sun, 19 Nov 2023 08:19:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s2-valor.glbimg.com/acX4_8uvOU-H00rsY7lcXFgRXwo%3D/1200x/smart/filters%3Acover%28%29%3Astrip_icc%28%29/i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2021/b/x/tpWIIdSsCEHGnrM802CA/30emp-100-aeris-b2-img01.jpg
age
111399
edge-cache-tag
411113056894147657207975581411598011964,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
411113056894147657207975581411598011964,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
1988
req-referer
https://valor.globo.com/
content-length
93966
x-request-id
3db019df4a69c8d797db4800c2723f57
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200094-IAD, cache-iad-kiad7000135-IAD, cache-chi-klot8100091-CHI, cache-iad-kiad7000112-IAD, cache-yyz4571-YYZ
last-modified
Fri, 17 Nov 2023 22:27:01 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=98814,owidth=1200,oheight=655,obytes=183022
x-timer
S1700381996.406417,VS0,VE17
etag
"3e6b5ff1d735704c65c4d595c4cb8d26"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 11, 0
59a1c6782409fe560505ff4334fea1fb.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
32 KB
33 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59a1c6782409fe560505ff4334fea1fb.png
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d44483addf892d0b839205f58ba775533f62e867bba1f2dfa51ed123b4d690db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Sun, 19 Nov 2023 08:19:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59a1c6782409fe560505ff4334fea1fb.png
age
2085103
edge-cache-tag
357084976643122718720566947842504474975,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
357084976643122718720566947842504474975,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
459
expiration
expiry-date="Sat, 04 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://cdn.taboola.com/
content-length
32938
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000168-IAD, cache-iad-kiad7000168-IAD, cache-lga21974-LGA, cache-iad-kcgs7200138-IAD, cache-yyz4571-YYZ
last-modified
Wed, 04 Oct 2023 10:06:41 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=42240,owidth=1200,oheight=627,obytes=683385
x-timer
S1700381997.508092,VS0,VE4
etag
"e4fa381b9b3ef5b56711db9f0a48bdea"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1, 11, 1
d78bbaeea45b4f63b08aee88a6c59a40-0-8010310e57374712bdc17d5996864882.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_558%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s2-valor.glbimg.com/sPdMPEfe3nKyzw83ARIyBaCXX0M%3D/1200x/smart/filters%3Acover%28...
19 KB
20 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_558%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s2-valor.glbimg.com/sPdMPEfe3nKyzw83ARIyBaCXX0M%3D/1200x/smart/filters%3Acover%28%29%3Astrip_icc%28%29/i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/D/w/Z7yTptSayrjFAV7mzXXQ/d78bbaeea45b4f63b08aee88a6c59a40-0-8010310e57374712bdc17d5996864882.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5bcee7a61c2166a0a79833e30496d4dc21e5cf2e917e519584bb818035fd8a01

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
17
date
Sun, 19 Nov 2023 08:19:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_558%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s2-valor.glbimg.com/sPdMPEfe3nKyzw83ARIyBaCXX0M%3D/1200x/smart/filters%3Acover%28%29%3Astrip_icc%28%29/i.s3.glbimg.com/v1/AUTH_63b422c2caee4269b8b34177e8876b93/internal_photos/bs/2023/D/w/Z7yTptSayrjFAV7mzXXQ/d78bbaeea45b4f63b08aee88a6c59a40-0-8010310e57374712bdc17d5996864882.jpg
age
204964
edge-cache-tag
567517626492738502516242817078299979913,495458622127106202389920960045148495995,29ecf9b93bbf306179626feeda1fab70
cache-tag
567517626492738502516242817078299979913,495458622127106202389920960045148495995,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time
801
req-referer
https://valor.globo.com/
content-length
19484
x-request-id
9dd50c4fc9700a16a014fac06ad70afe
x-backend-name
US_nlb106
x-served-by
cache-iad-kjyo7100123-IAD, cache-iad-kjyo7100158-IAD, cache-lga21978-LGA, cache-iad-kjyo7100084-IAD, cache-yyz4571-YYZ
last-modified
Thu, 16 Nov 2023 20:29:28 GMT
server
nginx
surrogate-reporting
width=1142,height=800,bytes=53374,owidth=1200,oheight=800,obytes=112286
x-timer
S1700381997.521538,VS0,VE17
etag
"99356d10e5e83e64971f4be1153c4c61"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 6, 0
fingers-personality.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tips-and-tricks.co/2019/03/
26 KB
27 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tips-and-tricks.co/2019/03/fingers-personality.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9abe36a97e71f63ed5b12f153574f90a80c49470f72ab06a0466a21432445967

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 19 Nov 2023 08:19:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tips-and-tricks.co/2019/03/fingers-personality.jpg
age
2716601
edge-cache-tag
347347307854726553258851972426006708747,588110943443000055148103821789501219624,29ecf9b93bbf306179626feeda1fab70
cache-tag
347347307854726553258851972426006708747,588110943443000055148103821789501219624,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
880
req-referer
https://ww2.goodtoknowthis.com/
content-length
27130
x-request-id
9baab8f7ff8136d109ba5f5b997b53bc
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200143-IAD, cache-iad-kcgs7200162-IAD, cache-sna10731-LGB, cache-iad-kcgs7200034-IAD, cache-yyz4571-YYZ
last-modified
Wed, 20 Sep 2023 16:16:07 GMT
server
nginx
surrogate-reporting
width=1500,height=750,bytes=54888,owidth=600,oheight=320,obytes=16839
x-timer
S1700381997.575669,VS0,VE1
etag
"c00a1da230ed9392858219d5a41e2a5c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 36, 1
Salma%252BHayek%25252C%252Bmore%252Bnatural%252Band%252Bconfident%252Bthan%252Bever-0.jpg
images.taboola.com/taboola/image/fetch/h_750,w_1500,c_fill,g_xy_center,x_902,y_503/https%3A//1.bp.blogspot.com/-VCc83diQe2c/YTpzV15y9PI/AAAAAAAGmR0/HIzqX0KksWYiAEv5JHUDc9VK8y0FjJQ2wCLcBGAsYHQ/s1616/
53 KB
54 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_750,w_1500,c_fill,g_xy_center,x_902,y_503/https%3A//1.bp.blogspot.com/-VCc83diQe2c/YTpzV15y9PI/AAAAAAAGmR0/HIzqX0KksWYiAEv5JHUDc9VK8y0FjJQ2wCLcBGAsYHQ/s1616/Salma%252BHayek%25252C%252Bmore%252Bnatural%252Band%252Bconfident%252Bthan%252Bever-0.jpg
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0a7eb8d5f1f931b69d0429bf81094462fbe56c921beda3856d390d7bc3a41fdb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 19 Nov 2023 08:19:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_750,w_1500,c_fill,g_xy_center,x_902,y_503/https%3A//1.bp.blogspot.com/-VCc83diQe2c/YTpzV15y9PI/AAAAAAAGmR0/HIzqX0KksWYiAEv5JHUDc9VK8y0FjJQ2wCLcBGAsYHQ/s1616/Salma%252BHayek%25252C%252Bmore%252Bnatural%252Band%252Bconfident%252Bthan%252Bever-0.jpg
age
2137581
edge-cache-tag
576227435895553977153297930533031422550,375831264689612584386198758879723657941,29ecf9b93bbf306179626feeda1fab70
cache-tag
576227435895553977153297930533031422550,375831264689612584386198758879723657941,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
391
expiration
expiry-date="Thu, 23 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.crash.net/
content-length
54580
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000123-IAD, cache-iad-kiad7000123-IAD, cache-lga21925-LGA, cache-iad-kiad7000043-IAD, cache-yyz4571-YYZ
last-modified
Mon, 23 Oct 2023 21:11:46 GMT
server
nginx
surrogate-reporting
width=1616,height=808,bytes=182040,owidth=1616,oheight=1022,obytes=57992
x-timer
S1700381997.593925,VS0,VE1
etag
"95b053914f32d4bcb9795db0cf2df394"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 10, 1, 47, 1
tinypass.min.js
cdn.tinypass.com/api/
384 KB
114 KB
Script
General
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59eb2597946aa8c95434f9ae866a18d834a05d0a1ee096c5a649f59ab1de81e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
x-amz-version-id
jRhpqAjZ2BKUi9F7LTJyATq_CqsxsMsH
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
5TC0KE3W3TPDDC14
age
13198
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-amz-id-2
NHYdCix8dVXnZICXDhFBLrL2PqsnwlGvozVafoeyNsDjodKqrrUsL3TwWfLiuI6ZqeeFToJV31c=
last-modified
Tue, 14 Nov 2023 13:20:55 GMT
server
cloudflare
etag
W/"3c0a6dad9bd872cfbcb3ae9ea15f01b4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
828707f6df9ca1de-YYZ
expires
Sun, 19 Nov 2023 12:19:56 GMT
req
cdn.navdmp.com/
6 B
81 B
Script
General
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=13aa2e3a648df3069e20b99a0710&acc=13574&url=https%3A//valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&tit=Receita%20exige%20IRRF%20sobre%20direitos%20credit%F3rios%20%7C%20Legisla%E7%E3o%20%7C%20Valor%20Econ%F4mico&h1=Receita%20exige%20IRRF%20sobre%20direitos%20credit%F3rios
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
828707f6d902549d-YYZ
content-length
6
content-type
application/x-javascript
/
pips.taboola.com/
4 B
147 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
cache-yyz4550-YYZ
date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://valor.globo.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
supply-feature
ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/
0
507 B
Image
General
Full URL
https://ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/supply-feature?route=US:CH:V&tvi48=10638&tvi50=9864&lti=trecs&ri=c2906a34ec1e69f432e2731a1fb0b202&sd=v2_f47a3b7de51b1e731b0db9120841a992_9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa_1700381994_1700381994_CNawjgYQjv9JGMvcqLW-MSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoi7KQoMnujt4ucAE&ui=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&pi=/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml&wi=-3734485881655432455&pt=text&vi=1700381994571&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A792.578125%2C%5C%22articleClasses%5C%22%3A%5C%22%20content-text__container%20%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22P%5C%22%2C%5C%22threshold%5C%22%3A%5C%22700%5C%22%7D%22%7D&tim=00%3A19%3A55.344&id=8581&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/
0
507 B
Image
General
Full URL
https://ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/supply-feature?route=US:CH:V&tvi48=10638&tvi50=9864&lti=trecs&ri=c2906a34ec1e69f432e2731a1fb0b202&sd=v2_f47a3b7de51b1e731b0db9120841a992_9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa_1700381994_1700381994_CNawjgYQjv9JGMvcqLW-MSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoi7KQoMnujt4ucAE&ui=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&pi=/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml&wi=-3734485881655432455&pt=text&vi=1700381994571&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22792.578125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=00%3A19%3A55.349&id=8407&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
css2
fonts.googleapis.com/
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 19 Nov 2023 08:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 19 Nov 2023 06:26:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Nov 2023 08:19:55 GMT
spa-detector.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dd20c9f608f4732b5cd45798d8a80feff63851f59549bdc56a867089834051e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
7QcC5tadVgGiWdOmI5x_aGnuaxCJwtWb
content-encoding
gzip
via
1.1 varnish
date
Sun, 19 Nov 2023 08:19:55 GMT
x-amz-request-id
QS7C5SN7DT7NWN3J
age
250488
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
779
x-amz-id-2
/f1ZelXkRhZ9P1UY9BWmmw6W6VRTXUho1gALjWWdtHplXCX1Rd7Z6Xh+SABiWZwXICXk7czj8Oo=
x-served-by
cache-yyz4571-YYZ
last-modified
Thu, 16 Nov 2023 10:43:43 GMT
server
AmazonS3
x-timer
S1700381995.386906,VS0,VE0
etag
"7653a5dacee64271085316a2604ddf96"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
49
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
44535
supply-feature
ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/
0
507 B
Image
General
Full URL
https://ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/supply-feature?route=US:CH:V&tvi48=10638&tvi50=9864&lti=trecs&ri=c2906a34ec1e69f432e2731a1fb0b202&sd=v2_f47a3b7de51b1e731b0db9120841a992_9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa_1700381994_1700381994_CNawjgYQjv9JGMvcqLW-MSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoi7KQoMnujt4ucAE&ui=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&pi=/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml&wi=-3734485881655432455&pt=text&vi=1700381994571&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=00%3A19%3A55.352&id=987&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/
0
507 B
Image
General
Full URL
https://ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/supply-feature?route=US:CH:V&tvi48=10638&tvi50=9864&lti=trecs&ri=c2906a34ec1e69f432e2731a1fb0b202&sd=v2_f47a3b7de51b1e731b0db9120841a992_9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa_1700381994_1700381994_CNawjgYQjv9JGMvcqLW-MSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoi7KQoMnujt4ucAE&ui=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&pi=/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml&wi=-3734485881655432455&pt=text&vi=1700381994571&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=00%3A19%3A55.355&id=1193&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/
0
507 B
Image
General
Full URL
https://ch-trc-events.taboola.com/editoraglobo-valoreconomico/log/3/abtests?route=US:CH:V&tvi48=10638&tvi50=9864&lti=trecs&ri=c2906a34ec1e69f432e2731a1fb0b202&sd=v2_f47a3b7de51b1e731b0db9120841a992_9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa_1700381994_1700381994_CNawjgYQjv9JGMvcqLW-MSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoi7KQoMnujt4ucAE&ui=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&pi=/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml&wi=-3734485881655432455&pt=text&vi=1700381994571&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1700381995355%7D&tim=00%3A19%3A55.355&id=9205&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
player.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/
2 MB
601 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
cf9a3cb0e83892ace23312c3579b18f4b375ddefb773d7196947f8fb4a958972

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
content-encoding
gzip
x-openstack-request-id
tx85eeba9b622d427ba231d-006558b8a2
last-modified
Thu, 16 Nov 2023 13:12:51 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
x-object-meta-mtime
1700139412.000000
content-type
application/javascript
x-timestamp
1700140370.87257
cache-control
public, max-age=86400
x-trans-id
tx85eeba9b622d427ba231d-006558b8a2
x-request-id
4712fefa-9408-45c0-becd-c29e2101df47
collect
www.google-analytics.com/j/
4 B
95 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1078870459&t=event&ni=0&_s=1&dl=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&dp=%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Cobertura_API_Sem&el=SemClientId&_u=YADAAEABAAAAACACI~&jid=1360388766&gjid=2036592839&cid=2088517343.1700381993&tid=UA-5487424-20&_gid=1220002044.1700381995&_r=1&_slc=1&gtm=45He3b81n81M7TMHTJv893763177&cd1=multi-content%20-%20&cd2=Anonimo&cd43=13-09-2023&cd46=Joice%20Bacelo&cd49=Valor%20Econ%C3%B4mico%2CLegisla%C3%A7%C3%A3o&cd57=False&cd60=para%20assinante&cd61=valor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&cd82=responsivo&cd91=&gcd=11l1l1l1l1&dma=0&z=952990610
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 601A
42 B
405 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstw-Up836daPpZwH5Gjduze4Sf6wMLEmop9zNVIdozIDmY85nQTx5CLzrrhlOlzHKMm2kcvUnGOdKbT_kdapVy5LcrXc3hNKwjDrjfltD2QcxDylMw2NLr3NPYkbzt-o5mb9Atf76oHsw&sig=Cg0ArKJSzG0zs03bR2ZTEAE&id=lidar2&mcvt=1020&p=190,436,280,1164&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20231116&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1956674529&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700381994146&rpt=223&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/
0
83 B
XHR
General
Full URL
https://cds.taboola.com/?uid=9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 19 Nov 2023 08:19:55 GMT
cache-control
no-store
server
nginx
www-widgetapi.js
www.youtube.com/s/player/190c935f/www-widgetapi.vflset/
215 KB
67 KB
Script
General
Full URL
https://www.youtube.com/s/player/190c935f/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb12f1b9b6d3171f23ada2b0c61fc393ea0dd63a2fe558efc7530f1565cf53e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:08:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68234
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 02:47:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 18 Nov 2024 08:08:11 GMT
destination
www.googletagmanager.com/gtag/
243 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-0527C72C4K&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7TMHTJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d74840ccc975374b516080bcc2767782fa3845f14cc8e6ab88d00084ce3795dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85927
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 19 Nov 2023 08:19:55 GMT
horizon-common-hit.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/
45 KB
15 KB
Script
General
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
content-encoding
gzip
x-openstack-request-id
tx56f3dbd82a614105b3258-006559c4be
last-modified
Tue, 27 Jun 2023 00:08:13 GMT
x-thanos
0A823003
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1687824492.72874
cache-control
public, max-age=180
x-trans-id
tx56f3dbd82a614105b3258-006559c4be
x-request-id
33dd8c29-1391-4bbb-8592-2cd71539681f
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1078870459&t=pageview&ni=0&_s=2&dl=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&dp=%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACACI~&jid=&gjid=&cid=2088517343.1700381993&tid=UA-5487424-20&_gid=1220002044.1700381995&gtm=45He3b81n81M7TMHTJv893763177&cd1=multi-content%20-%20materia&cd2=Anonimo&cd43=13-09-2023&cd46=Joice%20Bacelo&cd49=Valor%20Econ%C3%B4mico%2CLegisla%C3%A7%C3%A3o&cd57=False&cd60=para%20assinante&cd61=valor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&cd82=responsivo&cd91=&gcd=11l1l1l1l1&dma=0&z=847838107
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 03:13:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18394
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1078870459&t=event&ni=1&_s=3&dl=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&dp=%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Painel%20Realtime&ea=Tipo%20de%20Usuario&el=Anonimo&_u=aADAAEABAAAAACACI~&jid=&gjid=&cid=2088517343.1700381993&tid=UA-5487424-20&_gid=1220002044.1700381995&gtm=45He3b81n81M7TMHTJv893763177&cd1=multi-content%20-%20materia&cd2=Anonimo&cd43=13-09-2023&cd46=Joice%20Bacelo&cd49=Valor%20Econ%C3%B4mico%2CLegisla%C3%A7%C3%A3o&cd57=False&cd60=para%20assinante&cd61=valor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&cd82=responsivo&cd91=&gcd=11l1l1l1l1&dma=0&z=544963103
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 03:13:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18394
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1078870459&t=event&ni=1&_s=4&dl=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&dp=%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Painel%20Realtime&ea=Tipo%20de%20Pagina&el=Materia%20Fechada%20(Impresso)&_u=aADAAEABAAAAACACI~&jid=&gjid=&cid=2088517343.1700381993&tid=UA-5487424-20&_gid=1220002044.1700381995&gtm=45He3b81n81M7TMHTJv893763177&cd1=multi-content%20-%20materia&cd2=Anonimo&cd43=13-09-2023&cd46=Joice%20Bacelo&cd49=Valor%20Econ%C3%B4mico%2CLegisla%C3%A7%C3%A3o&cd57=False&cd60=para%20assinante&cd61=valor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&cd82=responsivo&cd91=&gcd=11l1l1l1l1&dma=0&z=1373957616
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 03:13:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18394
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
2 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-5487424-20&cid=2088517343.1700381993&jid=1360388766&gjid=2036592839&_gid=1220002044.1700381995&_u=YADAAEAAAAAAACACI~&z=1693209496
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 19 Nov 2023 08:19:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
st
imprchmp.taboola.com/ Frame EC9A
566 B
448 B
Document
General
Full URL
https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&cmcv=&pix=undefined&cb=1700381995641&uv=3358&tms=1700381995641&abt=adxsub-out_vA!adxsub-out_vB!ufm!uftchrwf_vC!unf_vC&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5328e3c4-f502-4979-a2ef-0b64c6a219b8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d60664bf06593ab62b851e1a308da845baffdd53d5558a879da2ca09ef4995be

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sun, 19 Nov 2023 08:19:55 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4571-YYZ
x-timer
S1700381996.689605,VS0,VE16
sync
ch-match.taboola.com/ Frame 9542
566 B
652 B
Document
General
Full URL
https://ch-match.taboola.com/sync?dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d60664bf06593ab62b851e1a308da845baffdd53d5558a879da2ca09ef4995be

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 19 Nov 2023 08:19:55 GMT
machineid
3801
server
nginx
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_8/assets/css/
60 KB
8 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-mtime
1700031478
date
Sun, 19 Nov 2023 08:19:55 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HJJJTGTQCJ6XBXAJ
age
350444
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031478
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
B9GAYDGdzWvXi3n1xekVDovVSPbFb3fAQjZfvYqIBCeSXkPIccXr5aHxzlpIVf6uCsn1rQ/aHss=
x-served-by
cache-yyz4571-YYZ
last-modified
Wed, 15 Nov 2023 06:57:59 GMT
server
AmazonS3-br
x-timer
S1700381996.689570,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
86178
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/33_5_8/infra/
495 KB
106 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b7a28df9fd8e8ad450daac5b094b18098193278b633705067d357e5332b5715e

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-mtime
1700031436
date
Sun, 19 Nov 2023 08:19:56 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
9S2XXQ71NFA2X7AP
age
350440
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031437
x-amz-meta-mode
33188
content-length
107679
x-amz-id-2
+0/5Ug6eh2vsthAhytvMAONL5cDptM1JfFxUkrMpRG4lh5Mp2Z/4mts0KWuOkanx1xyHmZ1SiqM=
x-served-by
cache-yyz4550-YYZ
last-modified
Wed, 15 Nov 2023 06:57:18 GMT
server
AmazonS3-br
x-timer
S1700381997.614111,VS0,VE0
etag
"fad9c4b1e4b3ca4c3791418c72911e34"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
25061
st
ch-vid-events.taboola.com/
0
44 B
Image
General
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&cmcv=&pix=31589837&cb=1700381995641&uv=3358&tms=1700381995641&abt=adxsub-out_vA!adxsub-out_vB!ufm!uftchrwf_vC!unf_vC&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1700381988529.8!ts:1700381995641&mntl=1
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
content-length
0
server
nginx
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 9542
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qT.7L75E2oQIXucQFUylNPirxXDQ2F3QtSIjbw--~A
0
375 B
Image
General
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qT.7L75E2oQIXucQFUylNPirxXDQ2F3QtSIjbw--~A
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23529

Redirect headers

date
Sun, 19 Nov 2023 08:19:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qT.7L75E2oQIXucQFUylNPirxXDQ2F3QtSIjbw--~A
content-length
0
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 9542
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-ikkEvp5E2uEad8DJTQvsnhzNscwO.BcY~A&gdpr_in_effect=0
0
375 B
Image
General
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-ikkEvp5E2uEad8DJTQvsnhzNscwO.BcY~A&gdpr_in_effect=0
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23529

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-ikkEvp5E2uEad8DJTQvsnhzNscwO.BcY~A&gdpr_in_effect=0
date
Sun, 19 Nov 2023 08:19:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.html
eus.rubiconproject.com/ Frame 7BFF
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ch-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Nov 2023 08:19:56 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
collect
www.google-analytics.com/g/
0
55 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0527C72C4K&gtm=45je3b81v889001220z8893763177&_p=1700381992640&gcd=11l1l1l1l1&dma=0&cid=2088517343.1700381993&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=&sid=1700381995&sct=1&seg=0&dl=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&dt=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%20%7C%20Legisla%C3%A7%C3%A3o%20%7C%20Valor%20Econ%C3%B4mico&en=page_view&_fv=1&_ss=1&up.user_code=&up.user_code_provider=&tfd=7263
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-0527C72C4K&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame EC9A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qT.7L75E2oQIXucQFUylNPirxXDQ2F3QtSIjbw--~A
0
375 B
Image
General
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qT.7L75E2oQIXucQFUylNPirxXDQ2F3QtSIjbw--~A
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&cmcv=&pix=undefined&cb=1700381995641&uv=3358&tms=1700381995641&abt=adxsub-out_vA!adxsub-out_vB!ufm!uftchrwf_vC!unf_vC&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5328e3c4-f502-4979-a2ef-0b64c6a219b8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21935

Redirect headers

date
Sun, 19 Nov 2023 08:19:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qT.7L75E2oQIXucQFUylNPirxXDQ2F3QtSIjbw--~A
content-length
0
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame EC9A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-ikkEvp5E2uEad8DJTQvsnhzNscwO.BcY~A&gdpr_in_effect=0
0
375 B
Image
General
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-ikkEvp5E2uEad8DJTQvsnhzNscwO.BcY~A&gdpr_in_effect=0
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&cmcv=&pix=undefined&cb=1700381995641&uv=3358&tms=1700381995641&abt=adxsub-out_vA!adxsub-out_vB!ufm!uftchrwf_vC!unf_vC&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5328e3c4-f502-4979-a2ef-0b64c6a219b8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21935

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-ikkEvp5E2uEad8DJTQvsnhzNscwO.BcY~A&gdpr_in_effect=0
date
Sun, 19 Nov 2023 08:19:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.html
eus.rubiconproject.com/ Frame 8CDD
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&cmcv=&pix=undefined&cb=1700381995641&uv=3358&tms=1700381995641&abt=adxsub-out_vA!adxsub-out_vB!ufm!uftchrwf_vC!unf_vC&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5328e3c4-f502-4979-a2ef-0b64c6a219b8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprchmp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Nov 2023 08:19:56 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pxid
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/
46 B
396 B
XHR
General
Full URL
https://d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/pxid?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
842f79ad5f2dc0b38f7d7fe88ef199f238a7ff01d1d7e0eb5671f3add33e7f5a

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/
11 B
574 B
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:56 GMT
an-x-request-uuid
7583653c-22ff-4091-bb91-5531fa4b7274
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://valor.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
827d0bf6-70d5-411e-b17f-029d3784af32
https://valor.globo.com/
822 KB
0
Other
General
Full URL
blob:https://valor.globo.com/827d0bf6-70d5-411e-b17f-029d3784af32
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88bc30605c8d737cbe84860cbbdbe49973cc102be3daa4222c824725df74fbc3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
841314
Content-Type
c4b424b6-72c3-4c05-8266-826d912125ac
https://valor.globo.com/
822 KB
0
Other
General
Full URL
blob:https://valor.globo.com/c4b424b6-72c3-4c05-8266-826d912125ac
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88bc30605c8d737cbe84860cbbdbe49973cc102be3daa4222c824725df74fbc3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
841314
Content-Type
geoip
api.permutive.com/v2.0/
271 B
380 B
XHR
General
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4b7432396eda31862e90f1036288760df11037f2098010717db85de692c76164

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
184
d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin
cdn.permutive.com/models/v2/
152 KB
107 KB
XHR
General
Full URL
https://cdn.permutive.com/models/v2/d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f42fc5d8f8c33838ce19c2e9e5fb47007ed9a594ec04152dc677df37349d8c0

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-goog-meta-oid
d39f98ec-9259-4f8b-896d-7ab58be1f900
age
0
x-guploader-uploadid
ABPtcPqMagseWNp2SzVTKcpX9Noj0qFisWXzRcRROZ1pqtO9zssqJd07394SdPa1NOZYa87WaOMRoTv_f_8j7Z4DCa5Pyw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
109020
last-modified
Fri, 17 Nov 2023 18:49:39 GMT
server
cloudflare
etag
"150c2b8abee10ee908e89ccffc8f7d86"
vary
Accept-Encoding
x-goog-generation
1700246979409028
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=eUL1LQ==, md5=FQwrir7hDukI6JzP/I99hg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
109020
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707f5d9e339e3-YYZ
expires
Sun, 19 Nov 2023 08:19:56 GMT
valor
horizon-track.globo.com/event/
0
335 B
Ping
General
Full URL
https://horizon-track.globo.com/event/valor
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/85725c46f1bcc1991d1953a008c08562.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryXOX77xPtBdkBSWd5

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
x-served-from
hzt-tsuru
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,ADVERTISING_ID,EXT_ID,globoId
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/
365 KB
126 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Sun, 19 Nov 2023 08:19:57 GMT
publishertag.prebid.139.js
static.criteo.net/js/ld/
95 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_valor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Nov 2023 08:19:56 GMT
ga-audiences
www.google.com/ads/
42 B
325 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5487424-20&cid=2088517343.1700381993&jid=1360388766&_u=YADAAEAAAAAAACACI~&z=2139444163
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
trc.taboola.com/editoraglobo-valoreconomico/log/3/
0
610 B
XHR
General
Full URL
https://trc.taboola.com/editoraglobo-valoreconomico/log/3/bulk?tvi48=10638&tvi50=9864&route=US%3ACH%3AV&lti=trecs&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
20
date
Sun, 19 Nov 2023 08:19:56 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
13499
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4571-YYZ
pragma
no-cache
server
nginx
x-timer
S1700381996.332097,VS0,VE20
content-type
image/gif
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame 7BFF
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fa22e4ec07e2727d4d4bc2256e84153b63d770671f776e9bc3e465d40955fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:19:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Nov 2023 05:55:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77670
Connection
keep-alive
Content-Length
13230
Expires
Mon, 20 Nov 2023 05:54:26 GMT
usync.js
eus.rubiconproject.com/ Frame 8CDD
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fa22e4ec07e2727d4d4bc2256e84153b63d770671f776e9bc3e465d40955fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:19:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Nov 2023 05:55:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77670
Connection
keep-alive
Content-Length
13230
Expires
Mon, 20 Nov 2023 05:54:26 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
765 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sun, 19 Nov 2023 08:19:56 GMT
via
1.1 varnish
x-amz-request-id
C4YX393BV63BMCS9
age
2650
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
hJZ9rVKYX0/8YTS367+n1JLWaWxjxwlUGV9luK6w6nrhJtmZXbtiGq/h5BjCJKdhOOZFYFppGpg=
x-served-by
cache-yyz4571-YYZ
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1700381996.424650,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
40
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
64
khaos.json
token.rubiconproject.com/ Frame 7BFF
7 B
798 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
Expires
0
publishertag.prebid.139.js
static.criteo.net/js/ld/
95 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Nov 2023 08:19:56 GMT
identify
api.permutive.com/v2.0/
50 B
265 B
XHR
General
Full URL
https://api.permutive.com/v2.0/identify?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
1c9b6505540ab042fd8ccd61c0153daee7fcb9dcc550aa271a80912c33a5541d

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:19:56 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
khaos.json
token.rubiconproject.com/ Frame 8CDD
7 B
798 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
segment
api.permutive.com/adv/v2/
37 B
102 B
XHR
General
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b30e332b569a4d1d3e934db078b1548179ceb8de1c861f521f7c9f8c46433501

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 19 Nov 2023 08:19:56 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
content-type
application/json
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/
427 KB
80 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d

Request headers

Referer
https://valor.globo.com/
Origin
https://valor.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-mtime
1700123877
date
Sun, 19 Nov 2023 08:19:56 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
CCQGFVGD8THRBXTF
age
258079
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700123890
x-amz-meta-mode
33188
content-length
81612
x-amz-id-2
H6i5BKe6lqj62cl57o4LPWAwJKOiZnYoMezlzA6B6ityq48ULd0CzMVAZJcK1lompojQ3saSq5A=
x-served-by
cache-yyz4550-YYZ
last-modified
Thu, 16 Nov 2023 08:38:11 GMT
server
AmazonS3-br
x-timer
S1700381997.808250,VS0,VE0
etag
"3d881848170c7ab7d2916771d7b9012f"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
68841
sync
ch-match.taboola.com/ Frame 9DBB
644 B
739 B
Document
General
Full URL
https://ch-match.taboola.com/sync?dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
738d4c7e29f7fc5a24c610c2627a1fc6cfc401ad072fcdf270c5129d25e347a0

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 19 Nov 2023 08:19:56 GMT
machineid
3802
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/
89 KB
89 KB
Media
General
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://valor.globo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Sun, 19 Nov 2023 08:19:56 GMT
via
1.1 f8d2e956e186aef5f6c9bb38469c0bc4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
YTO50-C2
age
419241
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-yyz4571-YYZ
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1700381997.853492,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
oFODbJpksGPvTDTwFVXaSwXpk_mBeZPkBwoILGyA9Kenx3_dO2gXTw==
x-cache-hits
85182
cx.cce.js
cdn.cxense.com/
23 KB
6 KB
Script
General
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:780::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:19:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Aug 2023 09:25:23 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6042
Expires
Sun, 19 Nov 2023 09:19:57 GMT
execute
c2.piano.io/xbuilder/experience/
18 KB
4 KB
XHR
General
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c162c24d025b506f8ff57152e97304543407b48524ae2f60d8511450907f2ecf
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
xdaasjye8m
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://valor.globo.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
828707fb4c6036c3-YYZ
VideoBidRequestHandlerServlet
wf.taboola.com/
7 KB
4 KB
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=402&height=226&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700381996951&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1573&pt=-121778050&tz=-480&viewable=true&ddast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2768345&dpubid=375975&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vA!uftchrwf_vC!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fvalor.globo.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6ee63ffdcfa0a90d3f0ca89557eccb2c0e115f8e5aa9cddd3def8e0aa46c8692

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sun, 19 Nov 2023 08:19:57 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1176
x-cache
MISS
x-served-by
cache-yyz4571-YYZ
pragma
no-cache
server
nginx
x-timer
S1700381997.995009,VS0,VE64
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://vast.aniview.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
vast.aniview.com/api/adserver61/vast/
927 B
1002 B
XHR
General
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62386b3ebadec7045a63cea9&AV_URL=https%3A%2F%2Fvalor.globo.com&cb=R0.1700381996958&AV_WIDTH=402&AV_HEIGHT=226&AV_CCPA=1---&AV_SCHAIN=1.0,1!taboola.com,1212302,1,-1890874510,editoraglobo-valoreconomico,valor.globo.com&iiqpartner=755298539&vastretry=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
182942210601280ef292c922e76fb4a0d80bbb5dfbb86f6fcdd2dcb9adc95513

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
text/plain

Response headers

x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
date
Sun, 19 Nov 2023 08:19:57 GMT
x-bamboo-wl-track
track1.aniview.com
content-length
582
pragma
no-cache
x-bamboo-wl-player
https://player.aniview.com
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
x-bamboo-wl-serve
gov.aniview.com
access-control-allow-origin
https://valor.globo.com
content-type
text/xml
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Sun, 19 Nov 2023 08:19:57 GMT
33102358
ads.stickyadstv.com/vast/vpaid-adapter/
797 B
1 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/33102358?_fw_gdpr=0&schain=1.0,1!taboola.com,1212302,1,-1890874510&_fw_us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
75f83da73873b66b78eab7f68898fbcff2cc351f015f6cc7da8b6a675ba956af

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:57 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://valor.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1700381997362009-302
/
vast.aniview.com/api/adserver61/vast/
915 B
993 B
XHR
General
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62386b30215b2a73db532664&AV_URL=https%3A%2F%2Fvalor.globo.com&cb=R0.1700381996960&AV_WIDTH=402&AV_HEIGHT=226&AV_CCPA=1---&AV_SCHAIN=1.0,1!taboola.com,1212302,1,-1890874510,editoraglobo-valoreconomico,valor.globo.com&iiqpartner=755298539
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
18eccbe6b3c90fccf23360c3d683ec9e07c23e588a5a514b3a58070aa9392728

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
text/plain

Response headers

x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
date
Sun, 19 Nov 2023 08:19:57 GMT
x-bamboo-wl-track
track1.aniview.com
content-length
573
pragma
no-cache
x-bamboo-wl-player
https://player.aniview.com
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
x-bamboo-wl-serve
gov.aniview.com
access-control-allow-origin
https://valor.globo.com
content-type
text/xml
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Sun, 19 Nov 2023 08:19:57 GMT
/
vast.aniview.com/api/adserver61/vast/
915 B
994 B
XHR
General
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce741fc6e4546c8d7def07&AV_URL=https%3A%2F%2Fvalor.globo.com&cb=R0.1700381996961&AV_WIDTH=402&AV_HEIGHT=226&AV_CCPA=1---&AV_SCHAIN=1.0,1!taboola.com,1212302,1,-1890874510,editoraglobo-valoreconomico,valor.globo.com&iiqpartner=755298539
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b2fa9e3dae5dbbeff1a290230de82cadb5d0e616fd1600fab1dbd448a383d9a9

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
text/plain

Response headers

x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
date
Sun, 19 Nov 2023 08:19:57 GMT
x-bamboo-wl-track
track1.aniview.com
content-length
574
pragma
no-cache
x-bamboo-wl-player
https://player.aniview.com
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
x-bamboo-wl-serve
gov.aniview.com
access-control-allow-origin
https://valor.globo.com
content-type
text/xml
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Sun, 19 Nov 2023 08:19:57 GMT
/
vast.aniview.com/api/adserver61/vast/
915 B
993 B
XHR
General
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce739af7dbc53bae7f0fe6&AV_URL=https%3A%2F%2Fvalor.globo.com&cb=R0.1700381996961&AV_WIDTH=402&AV_HEIGHT=226&AV_CCPA=1---&AV_SCHAIN=1.0,1!taboola.com,1212302,1,-1890874510,editoraglobo-valoreconomico,valor.globo.com&iiqpartner=755298539
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22d6642630d6b107b94d3b94b828d925789dbc0965908acf5056e0c5cc31087d

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
text/plain

Response headers

x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
date
Sun, 19 Nov 2023 08:19:57 GMT
x-bamboo-wl-track
track1.aniview.com
content-length
573
pragma
no-cache
x-bamboo-wl-player
https://player.aniview.com
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
x-bamboo-wl-serve
gov.aniview.com
access-control-allow-origin
https://valor.globo.com
content-type
text/xml
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Sun, 19 Nov 2023 08:19:57 GMT
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 7BFF
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LP57JAYC-21-7NJN
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
0
375 B
Image
General
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
36153

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Expires
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 9DBB
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=970033169764266234&expires=30&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
375 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
30627

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Sun, 19 Nov 2023 08:19:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 9DBB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fappnexus-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1---
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync-t1.taboola.com%252Fsg%252Fappnexus-network%252F1%252Frtb-h%252F%253Forig%253Dvideo%2526taboola_hm%253D%2524UID%2526us_privacy%253D1---
  • https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=1226190852069536688&us_privacy=1---
0
375 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=1226190852069536688&us_privacy=1---
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25123

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:57 GMT
an-x-request-uuid
07b10778-2497-4885-87eb-cadce45e3807
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=1226190852069536688&us_privacy=1---
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7BFF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2E4ZmI3NWI4YWIyZDEyM2U5NWQzZGRmY2Q3ZjU0OTBiYzBhY2NlYQ&gdpr=0&us_privacy=1---
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2E4ZmI3NWI4YWIyZDEyM2U5NWQzZGRmY2Q3ZjU0OTBiYzBhY2NlYQ&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2E4ZmI3NWI4YWIyZDEyM2U5NWQzZGRmY2Q3ZjU0OTBiYzBhY2NlYQ&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7BFF
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GD4YZH16W44KRX6K9K5N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7BFF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/VhWrY2XscUzfqXZQrqDpBcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DEJFPXtE2oJdhy1kwWehdPTv987b_Mh9yrzclg--~A
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DEJFPXtE2oJdhy1kwWehdPTv987b_Mh9yrzclg--~A
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DEJFPXtE2oJdhy1kwWehdPTv987b_Mh9yrzclg--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7BFF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA1N0pBWUMtMjEtN05KTg==&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEMFfGa0Kol6ALBULXOKjRxo&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA1N0pBWUMtMjEtN05KTg==&google_push=&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA1N0pBWUMtMjEtN05KTg==&google_push=&gdpr=0
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA1N0pBWUMtMjEtN05KTg==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 7BFF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=&expires=30
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=&expires=30
date
Sun, 19 Nov 2023 08:19:57 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 7BFF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=s7ZoN7VcRZGwEK-tZVEx2g&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=s7ZoN7VcRZGwEK-tZVEx2g&gdpr=0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=s7ZoN7VcRZGwEK-tZVEx2g&gdpr=0
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XX9SR61Q2HV95NSAEAJG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=s7ZoN7VcRZGwEK-tZVEx2g&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 7BFF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
0
517 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B2767B5FB7C6451FA380062191CF2269 Ref B: YTO01EDGE0821 Ref C: 2023-11-19T08:19:57Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKfQj1a+WNP4J0Bgvdig==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7BFF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1---
  • https://s.amazon-adsystem.com/ecm3?id=LP57JAYC-21-7NJN&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LP57JAYC-21-7NJN&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
69RW2BWP9P1JP391SP4Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LP57JAYC-21-7NJN&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 7BFF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDbfS54rWAygX1OsuDmLOS4&google_cver=1
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDbfS54rWAygX1OsuDmLOS4&google_cver=1
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDbfS54rWAygX1OsuDmLOS4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7BFF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGSDE7Ks4oAABbcxTk8jg&expires=30&gdpr=0
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGSDE7Ks4oAABbcxTk8jg&expires=30&gdpr=0
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGSDE7Ks4oAABbcxTk8jg&expires=30&gdpr=0
Date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/prebid/ Frame 7BFF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1---
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:57 GMT
an-x-request-uuid
6389b0a2-a800-415b-a26c-34d9ba6b514c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
Expires
0
pixel
capi.connatix.com/us/ Frame 7BFF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LP57JAYC-21-7NJN&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LP57JAYC-21-7NJN&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---&final=true
82 B
82 B
Image
General
Full URL
https://capi.connatix.com/us/pixel?puid=LP57JAYC-21-7NJN&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---&final=true
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82870800cb30a222-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 19 Nov 2023 08:19:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LP57JAYC-21-7NJN&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
828707ffdab4a222-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
v1
match.sharethrough.com/sync/ Frame 7BFF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
68 B
281 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
18.204.254.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-254-22.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 7BFF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
95 B
430 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 7BFF
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=24ce2dbc-1c16-44eb-807b-e68ec5abc847&expires=30&gdpr=0&us_privacy=1---
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=24ce2dbc-1c16-44eb-807b-e68ec5abc847&expires=30&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=24ce2dbc-1c16-44eb-807b-e68ec5abc847&expires=30&gdpr=0&us_privacy=1---
Date
Sun, 19 Nov 2023 08:19:58 GMT
Connection
keep-alive
X-CI-RTID
46bb4dda-568c-4bf7-b84a-643bdaaaced7
Content-Length
175
Content-Type
text/html; charset=utf-8
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 7BFF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&us_privacy=1---
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP57JAYC-21-7NJN
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP57JAYC-21-7NJN&ckls=true&ci=TqVH7FXZzS&nc=false&trid=1727497006
43 B
1 KB
Image
General
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP57JAYC-21-7NJN&ckls=true&ci=TqVH7FXZzS&nc=false&trid=1727497006
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
13.225.195.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-23.yul62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:59 GMT
via
1.1 90afcdb26518f969b68e124515efb74c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
BvC8ghLmg8W5jRpZzdzGQ1EIzhJy4hojO1XVXBvSbcnOUu2pClimAA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:58 GMT
via
1.1 16f689172b396b7e266a396b6b5d6754.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP57JAYC-21-7NJN&ckls=true&ci=TqVH7FXZzS&nc=false&trid=1727497006
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
qUHnERPRtmKLogFM0oYAVO924gcdS9EM4hDWH_bAn_oREWUqUOawOw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
vast.aniview.com/api/adserver61/vast/
927 B
1001 B
XHR
General
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62386b3ebadec7045a63cea9&AV_URL=https%3A%2F%2Fvalor.globo.com&cb=R0.1700381997107&AV_WIDTH=402&AV_HEIGHT=226&AV_CCPA=1---&AV_SCHAIN=1.0,1!taboola.com,1212302,1,-1890874479,editoraglobo-valoreconomico,valor.globo.com&iiqpartner=755298539&vastretry=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c178398ef82510f868f44c74e911948d2e8c4b97b2242ba0472462ff67f0303e

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
text/plain

Response headers

x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
date
Sun, 19 Nov 2023 08:19:57 GMT
x-bamboo-wl-track
track1.aniview.com
content-length
581
pragma
no-cache
x-bamboo-wl-player
https://player.aniview.com
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
x-bamboo-wl-serve
gov.aniview.com
access-control-allow-origin
https://valor.globo.com
content-type
text/xml
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Sun, 19 Nov 2023 08:19:57 GMT
events
api.permutive.com/v2.0/batch/
101 B
130 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c6e3295c85d94b5773e851970bfa0736393d34995e5b360ff8b26c8abd054526

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
merge
ce.lijit.com/ Frame 8CDD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1---
  • https://ce.lijit.com/merge?pid=80&3pid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
  • https://ce.lijit.com/merge?pid=80&3pid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---&dnr=1
43 B
664 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---&dnr=1
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
magnite
prebid.a-mo.net/setuid/ Frame 8CDD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
0
452 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
cksync
hb.yahoo.net/ Frame 8CDD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP57JAYC-21-7NJN&redir=true&gdpr=0&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP57JAYC-21-7NJN&gdpr=0&redir=true&us_privacy=1---
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS01Y3pQRGg1RTJ1RTZwbUdtN2UzdXdsRFBmb0FUcDM1SH5B&gdpr=0&ovsid=LP57JAYC-21-7NJN&dpid=58160&us_privacy=1---
53 B
648 B
Image
General
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS01Y3pQRGg1RTJ1RTZwbUdtN2UzdXdsRFBmb0FUcDM1SH5B&gdpr=0&ovsid=LP57JAYC-21-7NJN&dpid=58160&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
173.223.163.210 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a173-223-163-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 19 Nov 2023 08:19:58 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sun, 19 Nov 2023 08:19:58 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS01Y3pQRGg1RTJ1RTZwbUdtN2UzdXdsRFBmb0FUcDM1SH5B&gdpr=0&ovsid=LP57JAYC-21-7NJN&dpid=58160&us_privacy=1---
date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame 8CDD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ERMWsRJhXKxxAxmZYZY3DEYZ_7o
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ERMWsRJhXKxxAxmZYZY3DEYZ_7o
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ERMWsRJhXKxxAxmZYZY3DEYZ_7o
Date
Sun, 19 Nov 2023 08:19:57 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 8CDD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1164&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=383984206483609004
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=383984206483609004
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=383984206483609004
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 8CDD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=8c555a98-0f5a-4eab-b702-853c1da88aac&gdpr=0&us_privacy=1---
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=8c555a98-0f5a-4eab-b702-853c1da88aac&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:56 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=8c555a98-0f5a-4eab-b702-853c1da88aac&gdpr=0&us_privacy=1---
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1231479
content-length
0
expires
Sun, 19 Nov 2023 00:00:00 GMT
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 8CDD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0&us_privacy=1---
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
0
285 B
Image
General
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8CDD
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=666d506a-1afa-4f63-b682-fe4f55c55681
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=666d506a-1afa-4f63-b682-fe4f55c55681
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Sun, 19 Nov 2023 08:18:49 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=666d506a-1afa-4f63-b682-fe4f55c55681
cache-control
private,no-cache
content-length
223
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 8CDD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3252457447538295465&expires=60&gdpr=0&gdpr_consent=
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3252457447538295465&expires=60&gdpr=0&gdpr_consent=
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3252457447538295465&expires=60&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 8CDD
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=1226190852069536688&expires=30&gdpr=0&us_privacy=1---
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=1226190852069536688&expires=30&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:57 GMT
an-x-request-uuid
9321b8ee-455e-407d-b134-16edc7272b21
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=1226190852069536688&expires=30&gdpr=0&us_privacy=1---
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8CDD
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0&us_privacy=1---
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1700381997502&us_privacy=1---
  • https://sync.targeting.unrulymedia.com/csync/RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-dacc658d-55c3-4b...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005&expires=30&us_privacy=1---
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005&expires=30&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date
Sun, 19 Nov 2023 08:19:58 GMT
Server
Tengine
ETag
RXdacc658d55c34b1a9a355253d202203c005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005&expires=30&us_privacy=1---
Content-Type
text/html
Connection
keep-alive
esync
token.rubiconproject.com/ Frame 8CDD
Redirect Chain
  • https://id.rlcdn.com/709414.gif?gdpr=0&us_privacy=1---
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 19 Nov 2023 08:19:58 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
143
match.deepintent.com/usersync/ Frame 8CDD
0
341 B
Image
General
Full URL
https://match.deepintent.com/usersync/143?gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 19 Nov 2023 08:19:57 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
cs
cs.minutemedia-prebid.com/ Frame 8CDD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0&us_privacy=1---
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
0
327 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
54.211.177.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-177-173.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LP57JAYC-21-7NJN&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame 8CDD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&us_privacy=1---
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LP57JAYC-21-7NJN&name=RUBICON&gdpr=0&us_privacy=1---
49 B
386 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LP57JAYC-21-7NJN&name=RUBICON&gdpr=0&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
52.33.237.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-237-62.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:58 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LP57JAYC-21-7NJN&name=RUBICON&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8CDD
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&gdpr=0&us_privacy=1---
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&expires=360&gdpr=0&gdpr_consent=
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&expires=360&gdpr=0&gdpr_consent=
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:58 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&expires=360&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C96B
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.136.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-136-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ch-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=72732
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 19 Nov 2023 08:19:57 GMT
expires
Mon, 20 Nov 2023 04:32:09 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/
587 B
667 B
XHR
General
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f71c0aac9d0e7abb32cd8ed1dafa96062b10b692338e59e1918798aee1b3a641
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M953d4sD21H
pragma
no-cache
wn
prod-dash-10-0-136-211
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.002
cache-control
no-cache, no-store, must-revalidate
cf-ray
828707febf0d39c3-YYZ
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame E121
37 KB
8 KB
Document
General
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ac4c2976f738cbb4b218b8ffce20a613350aa7a83964978f73732682df1fe7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
828707fc9aafa1de-YYZ
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sun, 19 Nov 2023 08:19:57 GMT
expires
Sun, 19 Nov 2023 08:34:57 GMT
last-modified
Sun, 19 Nov 2023 08:19:57 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.002
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-125-79
x-forwarded-https
on
x-request-id
M953d4s18jQ
x-xss-protection
0
subscribe-button.js
static.infoglobo.com.br/paywall/valor-subscribe-button/v1/scripts/
2 KB
1 KB
XHR
General
Full URL
https://static.infoglobo.com.br/paywall/valor-subscribe-button/v1/scripts/subscribe-button.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.224.151.34.bc.googleusercontent.com
Software
/
Resource Hash
ac2b0b24d095a1cbd0b3a8a099a9df8c82013e2901a7a46a0a47c1b50d941e05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-location-rule
static - tiny.js
date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
gzip
x-openstack-request-id
tx78b10d8d08684141ac01f-00654d8a8f
x-cache-status
HIT
supportspointer
true
x-trans-id
tx78b10d8d08684141ac01f-00654d8a8f
x-request-id
c25acd2d9def7a907b5a284d82077c7e
last-modified
Tue, 31 Oct 2023 13:55:32 GMT
vary
Accept-Encoding, Origin
x-served-from
infoglobo-router-gcp
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-timestamp
1698760531.50116
cache-control
max-age=600
charset
utf-8
expires
Fri, 10 Nov 2023 01:52:39 GMT
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/
588 B
420 B
XHR
General
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c3fd27793b4ad3d96fb90fe9eaa3a9e9ffb9c1ef559c56e1d1516c70390cbe
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M953d4sPkED
pragma
no-cache
wn
prod-dash-10-0-83-6
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.002
cache-control
no-cache, no-store, must-revalidate
cf-ray
828707febf0e39c3-YYZ
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame DD65
7 KB
3 KB
Document
General
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddc041cd2ffa47bea44617869730c0b26a1d4a6a9ef2de99638a067d1de25ea8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
828707fcdad7a1de-YYZ
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sun, 19 Nov 2023 08:19:57 GMT
expires
Sun, 19 Nov 2023 08:34:57 GMT
last-modified
Sun, 19 Nov 2023 08:19:57 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.002
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-84-53
x-forwarded-https
on
x-request-id
M953d4sPchq
x-xss-protection
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 7C4F
446 KB
104 KB
Script
General
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f2:1000:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 12:22:14 GMT
content-encoding
br
via
1.1 3c2cce3cdfd36bc274459a19f7cd6870.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P1
x-cache-status
MISS
x-cache
Hit from cloudfront
last-modified
Thu, 06 Jul 2023 01:58:30 GMT
server
CloudFront
etag
W/"64a61fc6-6f992"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
x-amz-cf-id
Msv8K5IS1uq1HdEXPuqL7QvDbql-yyFS1vq1FhQNvEkDWMoeUIIb8Q==
expires
Sun, 19 Nov 2023 12:22:14 GMT
experiences
flowcards.mrf.io/json/
66 B
295 B
Fetch
General
Full URL
https://flowcards.mrf.io/json/experiences?url=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&clid=4e0ba2a6-19e9-404a-8a18-e9ea1963eee9&fvst=1700381994&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2023-09-14T05:00:41.999-03:00&qpa=utm_medium,_hsmi,_hsenc,utm_content,utm_source&sdu=3&sid=1464&utyp=0&u_mdm=email&u_cnt=281529863&u_src=hs_email
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4771b6e6d80480ff9d9ca116255b55e6a618fe445961840333b32a1315255e50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
gzip
cf-cache-status
BYPASS
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-envoy-upstream-service-time
283
accept-ranges
bytes
cf-ray
828707ff2a5f36c0-YYZ
alt-svc
h3=":443"; ma=86400
content-length
75
AVmanager.js
player.aniview.com/script/6.1/ Frame F0F7
450 KB
129 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
56b1c88c8b62434e59549e320901886f86e83f95d09c13e20ab2bcdff03443a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqlM-TBWm7fZ4AREXVBsZ6Wjyz-hdkce2PdDD4HsTcEYHFJgYzd2l1EZnqCINsCwZVt-f-k5vAjxs9dx8u8U54Rg1obhn1L
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
131472
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"ec19800dbe390ed09d8525aa81b81d5d"
vary
Accept-Encoding
x-goog-generation
1699872514445632
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=dKO+ow==, md5=7BmADb45DtCdhSWqgbgdXQ==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
131472
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:57 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame FF48
450 KB
129 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
56b1c88c8b62434e59549e320901886f86e83f95d09c13e20ab2bcdff03443a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqlM-TBWm7fZ4AREXVBsZ6Wjyz-hdkce2PdDD4HsTcEYHFJgYzd2l1EZnqCINsCwZVt-f-k5vAjxs9dx8u8U54Rg1obhn1L
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
131472
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"ec19800dbe390ed09d8525aa81b81d5d"
vary
Accept-Encoding
x-goog-generation
1699872514445632
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=dKO+ow==, md5=7BmADb45DtCdhSWqgbgdXQ==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
131472
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:57 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 52A5
450 KB
129 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
56b1c88c8b62434e59549e320901886f86e83f95d09c13e20ab2bcdff03443a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqlM-TBWm7fZ4AREXVBsZ6Wjyz-hdkce2PdDD4HsTcEYHFJgYzd2l1EZnqCINsCwZVt-f-k5vAjxs9dx8u8U54Rg1obhn1L
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
131472
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"ec19800dbe390ed09d8525aa81b81d5d"
vary
Accept-Encoding
x-goog-generation
1699872514445632
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=dKO+ow==, md5=7BmADb45DtCdhSWqgbgdXQ==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
131472
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:57 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 06EB
450 KB
129 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
56b1c88c8b62434e59549e320901886f86e83f95d09c13e20ab2bcdff03443a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqlM-TBWm7fZ4AREXVBsZ6Wjyz-hdkce2PdDD4HsTcEYHFJgYzd2l1EZnqCINsCwZVt-f-k5vAjxs9dx8u8U54Rg1obhn1L
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
131472
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"ec19800dbe390ed09d8525aa81b81d5d"
vary
Accept-Encoding
x-goog-generation
1699872514445632
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=dKO+ow==, md5=7BmADb45DtCdhSWqgbgdXQ==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
131472
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:57 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 357E
450 KB
129 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
56b1c88c8b62434e59549e320901886f86e83f95d09c13e20ab2bcdff03443a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqlM-TBWm7fZ4AREXVBsZ6Wjyz-hdkce2PdDD4HsTcEYHFJgYzd2l1EZnqCINsCwZVt-f-k5vAjxs9dx8u8U54Rg1obhn1L
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
131472
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"ec19800dbe390ed09d8525aa81b81d5d"
vary
Accept-Encoding
x-goog-generation
1699872514445632
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=dKO+ow==, md5=7BmADb45DtCdhSWqgbgdXQ==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
131472
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:57 GMT
cx.js
cdn.cxense.com/
111 KB
36 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:780::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e24f4435ed44c776ecd6169210d9b1b0eab440299182a8519027e7b1d59cbf96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:19:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 16:54:09 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36913
Expires
Sun, 19 Nov 2023 09:19:57 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame E121
126 KB
78 KB
Stylesheet
General
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d223768c8c211c108349645cb062a9dcdb5456e9abc8c6a36eb06366db6fbd5a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
5970
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 14:42:38 GMT
wn
prod-dash-10-0-121-132
server
cloudflare
etag
W/"128533-1700145758000"
vary
Accept-Encoding
content-type
text/css
server-time
0.000
cache-control
public, max-age=7200
cf-ray
828707fd7b37a1de-YYZ
expires
Sun, 19 Nov 2023 10:19:57 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame E121
95 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1562021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ljuP%2B17syrAAyEkPOyf363yctLAbuZ9h7z%2FrhLHbVWXTcXcxFMUBNXGFlrBw%2BUyc4QwoQPdsjWDAmrmQetJ8NERmH6OQeaw68%2F524DH%2BGja%2FPq0EBlnVxmAPmtzteMMwZAI9o91DuFV31RhHZtgkN4z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ff9df539d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame E121
10 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1633391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ez2J0vnigIhSkBPsMOnZheGDTRyXi6gJ24MDezDALR%2F3l%2BpQuNxc6EgvCpi0VG30IPZcNhMO%2BRZCgz%2F6VQcBxKFB4vBSrzkY%2F10KdZq1F8DceKmkwNrJW3DdkqiRu%2BSMmvXAzN0kAQLVaUNvT2AftvK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffadf939d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E121
104 KB
35 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1475699
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THhlAg8qUjQRJtgeBaPBgbDl6LdlY4Qt6e3OtrDPDQKtYhrclt0nSAn8hPKHH850ADyxXLq%2FYVtQeEtwvHA%2Bq73z3p9lNfGlGNjUGbYyr4H1GF0IfEHWyL4G%2FKgY%2BY6CR%2FaIu%2BDfA1zcwXtxtb0MSQMQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffde2839d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E121
11 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
994043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeCXlI3oTh3sD2oL9GLSIdxPVhT9168d5ZCP%2Fo6YJepsVR7mi86k6DL%2FSM%2BQ3McMu1S3%2Ffa8TzOZxQe%2BXyz8rWKRcgrRgx9lMhmLhI8w822sZpYMPoeEpFoMa3pmK1DIt6x42l9HeOrpLfcoXI8bAJQn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffde3739d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E121
825 B
730 B
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
735285
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1X3zKuR%2Bp4AXxRaD1iuWnhqzjhM4Rw6%2BvCsPfp5QT%2Ba2HNaKvDmiu13yt4yU7BgpSfawCuu9wg%2FFjsEnB6J7IGI7rr%2BcGAIZf1sAV3Yx8wxJOQSqunB9msGBoj2RdjketdSgdkgLrvx5uWj4VlAal3w4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffde3539d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E121
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1456868
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOxMxV7YFcC3yEnOxHMxRk5lySuzDLVJ9JparY6LcflVwLApMc1ZVo%2B6SFCb%2F8S1bqsqsVdvKnCvvj1X7Xvo5KvjAuVJkzp6LWl9AcR85%2FSnNduOclieZg0q1fjqUx8jn0rvXtaM3vyyGRob%2FAw%2F1vjQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffde3039d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame E121
3 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
994064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWF7obY37cN%2FvGAWwesnqy3IIHwRv0k0DydnUyEKIdI9A9zAh%2FbHIb4OVjsi2jMaRJno7%2BI3hVGsAVQgZyCc9tsNdsXveUpwcgYmLCuS6crLkTiGPXD4NI8Hk07xHvM%2FLpb7TPvbOXir57poBuP1v3zB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ff9df639d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame E121
23 KB
8 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
871854
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpwiYVNw4SRTcpR%2FzTH7lQA9v4ikDUOF2kPfyPG2LCbPiqQX1kre4Udmvtee8UPWOaM9YvTpILXuxBJkVwvc%2BkfhGPiidx9VH9wMfP1OTYkdT%2BZmKyf89p1DDNKJOU5Fml%2BBuEjmksFHhrhArGykZf7A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffde3439d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame E121
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1641051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lh9kiLJTtZy2pCBuyuO6HJ6y7%2F2lM1WzIGN%2B4NUoLEI6i32p0XUyhbsiTpUHSR6xqwVyIKjgUIuTC1Cz%2BSkTR24lcwOCj4E%2BCfTSHzMSJmtY2J5lynzLfcYRZlf1T0OWEFut3jSDGN%2Bv4jS4tgLSniX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffde2d39d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame E121
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1546279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Y2e6gD4au789lLtVZ6fepva%2FJi3wJWmm6vpyNWXNT6w%2B%2BEWSqzvqvn3uyYBNwkxNZqfv9CG%2FizUGsvKPBUKsI3Vh95vLtW4JMLc41uTHtquDV9nkBB0makWdi9WG58Ll8kr1aJwpMWqZkCo2HJImB4y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ff9df239d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame E121
33 KB
6 KB
Script
General
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=VnaP3rYVKc&version=1568388702000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M953d4sR0ab
pragma
wn
prod-dash-10-0-83-6
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.001
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
828707fd9b45a1de-YYZ
expires
Mon, 20 Nov 2023 03:19:57 EST
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame E121
67 KB
12 KB
Script
General
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.50.1
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf9991005729b8aeaa16ece0906e19a7a3016e183e2e605cd53a1aecdd1b2c80
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
70813
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 14:42:38 GMT
wn
prod-dash-10-0-83-6
server
cloudflare
etag
W/"68506-1700145758000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.003
cache-control
public, max-age=86400
cf-ray
828707fd9b47a1de-YYZ
expires
Mon, 20 Nov 2023 08:19:57 GMT
H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame E121
121 KB
38 KB
Script
General
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.50.1
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6eb82493b60f74e736c5886981564fcdb45f75ecaa44c6290008bbf323440b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
2308
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 14:59:18 GMT
wn
prod-dash-10-0-132-152
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=602492
cf-ray
828707fd9b48a1de-YYZ
expires
Sun, 26 Nov 2023 07:41:29 GMT
style.css
buy.tinypass.com/ Frame E121
0
0
Stylesheet
General
Full URL
https://buy.tinypass.com/style.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
accept-encoding
content-type
text/html
cache-control
public, max-age=1200
cf-ray
828707fd9b44a1de-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sun, 19 Nov 2023 08:39:57 GMT
css2
fonts.googleapis.com/ Frame E121
3 KB
630 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,200;0,700;1,500&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b7438d8b0b18bfbf32dc84a475493497b57f9e14ca96cdcbaf4341ed43312a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 19 Nov 2023 08:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 19 Nov 2023 08:19:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Nov 2023 08:19:57 GMT
bullet-16x16.png
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/Valor/MARKETING/novembro-2023/ Frame E121
454 B
806 B
Image
General
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/Valor/MARKETING/novembro-2023/bullet-16x16.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
b32727c03906e98b0935c7d907b46ce259901e7b2d54daa7eddc76e440cee8fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
x-openstack-request-id
txc0cc88c7473f4e9d8f57a-006559c52d
last-modified
Wed, 08 Nov 2023 12:56:22 GMT
x-thanos
0A823003
etag
135e48cbc9a825ba79ea6024f9eeec53
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1699448181.42170
cache-control
public, max-age=180
accept-ranges
bytes
content-length
454
x-trans-id
txc0cc88c7473f4e9d8f57a-006559c52d
x-request-id
b8494822-ef0b-4609-8de8-4916b0f94d88
pack-350x340.png
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/Valor/MARKETING/novembro-2023/ Frame E121
77 KB
78 KB
Image
General
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/Valor/MARKETING/novembro-2023/pack-350x340.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT653CNSM5VZ&templateVariantId=OTVHXZXR3RFZO&offerId=fakeOfferId&experienceId=EXV0B8G5JLPM&iframeId=offer_1233cad25ed42a664d8d-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
dcc78af1790459c45719d2904ebb8d7de7afa98c65d553d5694376f7c563101e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
x-openstack-request-id
tx58a09694b68b4d468bb9a-006559c52e
last-modified
Wed, 08 Nov 2023 12:56:22 GMT
x-thanos
0A823003
etag
97a915ec2d744fc000f128e1d938288d
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1699448181.55526
cache-control
public, max-age=180
accept-ranges
bytes
content-length
78992
x-trans-id
tx58a09694b68b4d468bb9a-006559c52e
x-request-id
f767bcea-fda1-42e8-b12d-d2d44c7016bc
state
api.permutive.com/v1.0/
0
34 B
XHR
General
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 19 Nov 2023 08:19:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame DD65
126 KB
78 KB
Stylesheet
General
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d223768c8c211c108349645cb062a9dcdb5456e9abc8c6a36eb06366db6fbd5a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
5970
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 14:42:38 GMT
wn
prod-dash-10-0-121-132
server
cloudflare
etag
W/"128533-1700145758000"
vary
Accept-Encoding
content-type
text/css
server-time
0.000
cache-control
public, max-age=7200
cf-ray
828707fdbb70a1de-YYZ
expires
Sun, 19 Nov 2023 10:19:57 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame DD65
95 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1562021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCDQUfGqwS9wq77v1bZg9CEL8UjTySrnqYn1CDtOr0Y2eHUwmPDe%2BRiCiZZGhbBynHIi%2F0jJdx8%2BiyK3WKrupt8%2FI84vqfkLAI5Zt%2BjDFA%2BQzZbcj2P0pPXeiUnKWklRsWJT2y92SBy7nenCyJkLi6%2FJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffde2c39d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame DD65
10 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1633391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogIQikdUMxZJHKTpy%2FgL2Ju1%2BOnatcoHYCzoVohIU8CZOk36Sc%2F36CVEB0s2kHdgbTnHQTIK4e6xBmVc0eWFbD%2FYblp1y8ZBLHu2x4JLkj8GMsaeUznN4kEWkmUof3Lc79vWHViUnaJnh1IiPcuH6COu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffde2939d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame DD65
104 KB
35 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1475699
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5L2rHNPb%2BMwQDo4jjZpfJ9A5CDDZ7k6Wsy%2FLkBRo0QiWVKVIAmOlWfP6cC2zR7ksnctWugXoedJs8QGRxtTtAzL27MlhgPd5D1udrVthaRA99IaJ9ACozoBUNkA%2F3sNYMeFfVZm%2BbF1nKDPa5Bmq6%2FpG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffde3239d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame DD65
11 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
994043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2sSv57wYtVucASTvPPQcRt2o56oBUw%2BDjjzBQR0AJ545ZXX6IolgyHjCHIWtv6slDfeasiN9BZohxrLy41SDKKUX3SGAZsdPg4xZ%2B%2BUhixfaKsFSqz5NoNB73ZLWOIdnfrS3X061ZM7uQg681lm5Zf0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffde3339d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame DD65
825 B
750 B
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
735285
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtcRSSVwIKRR5YAn3HTb8LpmPbLOmN8T6fFKufAGWBq%2FAB1NJHEIYsryuczsgnyeH1OLRglLlsLdoj2qpXRxZmFtEbMYMLZsTJFl8EYo4RbpBKSHcBKEr73BQt6UvYkvljDJs9Dt%2BTOZwnPNRzMoVvMy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffde2539d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame DD65
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1456868
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPZFZWviK0ekJz2Xv%2BGMkkagc%2FHvNJnxjhIR6PuqhjP5S6czuqbANl6c87T9s3Trx9%2Bi6VR2H8zGGJnv1Omxx3n2nxMVjN%2FZOlzflb0tQZnBt6LiLxxI6jhx8Iad5D%2BA8pWka941nc77eXZkwZz3XtiR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffde2f39d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame DD65
3 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
994064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leCQv25E%2BNF7IU4TWF02BYH%2FT5obR4OpgEH59b8KBZmtYQzCv49gtSzEpXzh8S9EYkC1IBhluCmcZKYnr1qOFqSTjyO9pb3JkLo3cDX7V6Z3V34ZTYxQ5eomvrbWgiKtW2sgmDO66dzLdi6rYlxN7wXl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffadfe39d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame DD65
23 KB
8 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
871854
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTSsxoqfaK%2FlFVo7N6GfMDTag6gKMTpdGxvaqe8y3ePsO0lX5ZX2%2BW5bpsxq%2BJrlm%2FVP6zZA%2FElFJ%2FK2zFzMgKv3pTKDkKn5sLUyfAtCRfpfkDhzTMoOY006%2FG65ivZxx7QaD9W8DByu0b5OY40iuXU4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffadfa39d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame DD65
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1641051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKV1YQIxWCm2kznifi%2Be%2FcPBPhg5UNG4PH6oYjqXevNODDtwO7yP2x%2BVzOOa%2FYnC0MSgFH0eYgwKDiGq03oT6pAKTeUPIZ4h3kGigUjxErofgWdFLQGbrL01FzClT0fK8Da%2FIKO1RZD34k7WsYjQAuQd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffadfb39d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame DD65
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1546279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEwiIPb8RoORzzPUoRB30L6TD3tqdJQ1N1ROnXVhXqLpK0p2aLIoASUPw9hTNkrlXt7TRTGIdgpvDinM%2F7%2F5rETR7dZgb7LNdlxMrFA%2BxVTmxkkm4z8pnI7Is%2FRBlkqKNLgZnyIEnNlKPvgjYye2WfEy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828707ffadfd39d8-YYZ
expires
Fri, 08 Nov 2024 08:19:58 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame DD65
33 KB
6 KB
Script
General
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=VnaP3rYVKc&version=1568388702000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M953d4syxlM
pragma
wn
prod-dash-10-0-91-2
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.001
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
828707fdcb7ca1de-YYZ
expires
Mon, 20 Nov 2023 03:19:57 EST
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame DD65
67 KB
12 KB
Script
General
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.50.1
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf9991005729b8aeaa16ece0906e19a7a3016e183e2e605cd53a1aecdd1b2c80
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
70813
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 14:42:38 GMT
wn
prod-dash-10-0-83-6
server
cloudflare
etag
W/"68506-1700145758000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.003
cache-control
public, max-age=86400
cf-ray
828707fdcb7da1de-YYZ
expires
Mon, 20 Nov 2023 08:19:57 GMT
H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame DD65
121 KB
38 KB
Script
General
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.50.1
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6eb82493b60f74e736c5886981564fcdb45f75ecaa44c6290008bbf323440b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
2308
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 14:59:18 GMT
wn
prod-dash-10-0-132-152
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=602492
cf-ray
828707fdcb7ea1de-YYZ
expires
Sun, 26 Nov 2023 07:41:29 GMT
css2
fonts.googleapis.com/ Frame DD65
3 KB
726 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
216c8994eeb343b3588f234794df0cca8958d6c72b01b510b4156bc2d03a3840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 19 Nov 2023 08:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 19 Nov 2023 08:16:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Nov 2023 08:19:57 GMT
style.css
buy.tinypass.com/checkout/template/ Frame DD65
0
0
Stylesheet
General
Full URL
https://buy.tinypass.com/checkout/template/style.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
accept-encoding
content-type
text/html
cache-control
public, max-age=1200
cf-ray
828707fdcb7aa1de-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sun, 19 Nov 2023 08:39:57 GMT
footer-padr%C3%A3o.png
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/Valor/MARKETING/novembro-2023/ Frame DD65
9 KB
10 KB
Image
General
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/Valor/MARKETING/novembro-2023/footer-padr%C3%A3o.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTN9OUZXKO4Z&templateVariantId=OTV9XW43F99KJ&offerId=fakeOfferId&experienceId=EXTRU6FCZ9F2&iframeId=offer_5ef89bf7ea90d2e47937-0&displayMode=inline&widget=template&url=https%3A%2F%2Fvalor.globo.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
974bd0ea76eacc8547f071714a0d7b1bd16d933c99a5aad60a884d675ed67980

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:57 GMT
x-openstack-request-id
tx2aa927e3fc714b2aa4924-006559c4bc
last-modified
Thu, 09 Nov 2023 17:30:54 GMT
x-thanos
0A823003
etag
5050a171a4b3ffbecfc746efa0441178
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1699551053.87038
cache-control
public, max-age=180
accept-ranges
bytes
content-length
9517
x-trans-id
tx2aa927e3fc714b2aa4924-006559c4bc
x-request-id
dcb761e8-e245-4da8-9cd2-931ee42ad98a
PugMaster
image6.pubmatic.com/AdServer/ Frame C96B
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82184193&p=156307&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7e1e2c86c0c874e7ae8635ac7f7060d698b7e967a4ebfe7177d68fb2a5eb97db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 08:19:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sp1.html
cdn.cxense.com/ Frame 18FF
672 B
747 B
Document
General
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:780::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
377
Content-Type
text/html
Date
Sun, 19 Nov 2023 08:19:57 GMT
Expires
Wed, 29 Nov 2023 08:19:57 GMT
Last-Modified
Wed, 02 Aug 2023 12:14:52 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
truncated
/ Frame FF48
194 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame FF48
573 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame FF48
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame FF48
528 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame FF48
224 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame FF48
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame FF48
325 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame FF48
398 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
gov.aniview.com/api/adserver/tag/
19 KB
4 KB
XHR
General
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fvalor.globo.com&AV_CCPA=1---&AV_SCHAIN=1.0%2C1!taboola.com%2C1212302%2C1%2C-1890874510%2Ceditoraglobo-valoreconomico%2Cvalor.globo.com&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62386b3ebadec7045a63cea9&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=valor.globo.com&AV_DADPOS=1&AV_GPID=/621cca388ba47d78a102e506/62386b3ebadec7045a63cea9/valor.globo.com&d36=6.2.141&responsive=1&sver=4&avtoken=997946&omv=1.0.1&clsid=43004d7f-4962-4090-9f4f-b8d6abc7e100&rando=50&AV_WIDTH=402&AV_HEIGHT=226&AV_DNT=0&cb=1700381997950&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.0.146.5 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
6cb71945ce5e4010cfe0b8731f9ae974a360094baedd4caf6851657d023a0868

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://valor.globo.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Tue, 07 Nov 2023 18:33:19 GMT
track
track1.aniview.com/
0
143 B
Image
General
Full URL
https://track1.aniview.com/track?r=valor.globo.com&sn=&ic=0&tgt=1&app=&wi=402&he=226&test=&d36=6.2.141&apppkg=&fv=1&proto=https&clsid=43004d7f-4962-4090-9f4f-b8d6abc7e100&rando=50&pid=621cca388ba47d78a102e506&cid=62386b3ebadec7045a63cea9&stagid=&stplid=&e=inventory&vi=0&cb=1700381997948
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame F0F7
194 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame F0F7
573 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame F0F7
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame F0F7
528 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame F0F7
224 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame F0F7
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame F0F7
325 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame F0F7
398 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
gov.aniview.com/api/adserver/tag/
9 KB
3 KB
XHR
General
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fvalor.globo.com&AV_CCPA=1---&AV_SCHAIN=1.0%2C1!taboola.com%2C1212302%2C1%2C-1890874510%2Ceditoraglobo-valoreconomico%2Cvalor.globo.com&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce741fc6e4546c8d7def07&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=valor.globo.com&AV_DADPOS=1&AV_GPID=/621cca388ba47d78a102e506/62ce741fc6e4546c8d7def07/valor.globo.com&d36=6.2.141&responsive=1&sver=4&avtoken=997975&omv=1.0.1&clsid=e5a7fdea-a08e-4f08-a86a-10fa8b636c18&rando=71&AV_WIDTH=402&AV_HEIGHT=226&AV_DNT=0&cb=1700381997976&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.0.146.5 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e942c073069728b6b8c042eb356a093d31afb1b84da7c8bc77049a9a43d1cd77

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://valor.globo.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Tue, 07 Nov 2023 18:33:19 GMT
track
track1.aniview.com/
0
142 B
Image
General
Full URL
https://track1.aniview.com/track?r=valor.globo.com&sn=&ic=0&tgt=1&app=&wi=402&he=226&test=&d36=6.2.141&apppkg=&fv=1&proto=https&clsid=e5a7fdea-a08e-4f08-a86a-10fa8b636c18&rando=71&pid=621cca388ba47d78a102e506&cid=62ce741fc6e4546c8d7def07&stagid=&stplid=&e=inventory&vi=0&cb=1700381997976
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cx.js
cdn.cxense.com/ Frame 18FF
111 KB
36 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:780::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8fc230deb1df33d4975b34a6121f3e81f6b8d1028f34b91f7c8cadedf8157f6c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:19:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 16:54:09 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36913
Expires
Sun, 19 Nov 2023 09:19:58 GMT
truncated
/ Frame 52A5
194 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 52A5
573 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 52A5
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 52A5
528 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 52A5
224 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 52A5
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 52A5
325 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 52A5
398 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
track
track1.aniview.com/
0
142 B
Image
General
Full URL
https://track1.aniview.com/track?r=valor.globo.com&sn=&ic=0&tgt=1&app=&wi=402&he=226&test=&d36=6.2.141&apppkg=&fv=1&proto=https&clsid=5f74de5e-5864-4b84-affc-3fbe09931547&rando=79&pid=621cca388ba47d78a102e506&cid=62386b3ebadec7045a63cea9&stagid=&stplid=&e=inventory&vi=0&cb=1700381997998
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame 06EB
194 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 06EB
573 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 06EB
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 06EB
528 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 06EB
224 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 06EB
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 06EB
325 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 06EB
398 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
gov.aniview.com/api/adserver/tag/
19 KB
4 KB
XHR
General
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fvalor.globo.com&AV_CCPA=1---&AV_SCHAIN=1.0%2C1!taboola.com%2C1212302%2C1%2C-1890874510%2Ceditoraglobo-valoreconomico%2Cvalor.globo.com&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce739af7dbc53bae7f0fe6&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=valor.globo.com&AV_DADPOS=1&AV_GPID=/621cca388ba47d78a102e506/62ce739af7dbc53bae7f0fe6/valor.globo.com&d36=6.2.141&responsive=1&sver=4&avtoken=998047&omv=1.0.1&clsid=790d43b5-1cdc-46cb-9fbd-bf1afb17bf55&rando=12&AV_WIDTH=402&AV_HEIGHT=226&AV_DNT=0&cb=1700381998048&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.0.146.5 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
478b848ad4901208d607bd872101cba7605aac963ccd5b204e9849e49285c479

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://valor.globo.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Tue, 07 Nov 2023 18:33:19 GMT
track
track1.aniview.com/
0
142 B
Image
General
Full URL
https://track1.aniview.com/track?r=valor.globo.com&sn=&ic=0&tgt=1&app=&wi=402&he=226&test=&d36=6.2.141&apppkg=&fv=1&proto=https&clsid=790d43b5-1cdc-46cb-9fbd-bf1afb17bf55&rando=12&pid=621cca388ba47d78a102e506&cid=62ce739af7dbc53bae7f0fe6&stagid=&stplid=&e=inventory&vi=0&cb=1700381998048
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame 357E
194 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 357E
573 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 357E
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 357E
528 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 357E
224 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 357E
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 357E
325 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 357E
398 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
gov.aniview.com/api/adserver/tag/
11 KB
4 KB
XHR
General
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fvalor.globo.com&AV_CCPA=1---&AV_SCHAIN=1.0%2C1!taboola.com%2C1212302%2C1%2C-1890874510%2Ceditoraglobo-valoreconomico%2Cvalor.globo.com&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62386b30215b2a73db532664&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=valor.globo.com&AV_DADPOS=1&AV_GPID=/621cca388ba47d78a102e506/62386b30215b2a73db532664/valor.globo.com&d36=6.2.141&responsive=1&sver=4&avtoken=998063&omv=1.0.1&clsid=c2a883ed-b10a-4bb6-ad20-2b1c0ab0dff5&rando=40&AV_WIDTH=402&AV_HEIGHT=226&AV_DNT=0&cb=1700381998063&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.0.146.5 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
74ef1019e1feb14ce9e35e3100d74f5bdbcf6cf88610f2a0cfdfd6ac3639a0ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://valor.globo.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Tue, 07 Nov 2023 18:33:18 GMT
track
track1.aniview.com/
0
142 B
Image
General
Full URL
https://track1.aniview.com/track?r=valor.globo.com&sn=&ic=0&tgt=1&app=&wi=402&he=226&test=&d36=6.2.141&apppkg=&fv=1&proto=https&clsid=c2a883ed-b10a-4bb6-ad20-2b1c0ab0dff5&rando=40&pid=621cca388ba47d78a102e506&cid=62386b30215b2a73db532664&stagid=&stplid=&e=inventory&vi=0&cb=1700381998063
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
p1.js
p1cluster.cxense.com/ Frame 18FF
46 B
636 B
Script
General
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4fdfc2005aff2705bf2ebe658f396d2bdc7eaf312ea35d03ec300d0a4a373621

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
last-modified
Fri, 19 May 2023 08:19:58 GMT
server
Jetty(9.4.28.v20200408)
etag
9m6e3ui9t4503c5i570t6bp4f
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
46
expires
Tue, 19 Nov 2024 08:19:58 GMT
dcm
s.amazon-adsystem.com/ Frame 0E62
43 B
855 B
Document
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 19 Nov 2023 08:19:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VK0C1F81GEPXD5A68QS7
Pug
simage2.pubmatic.com/AdServer/ Frame C6A1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1226190852069536688&gdpr=0&gdpr_consent=
42 B
297 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1226190852069536688&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 23:37:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
d8d1cf3a-6593-4c0e-b400-b57b3f4ba282
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 19 Nov 2023 08:19:58 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1226190852069536688&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame F827
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHU0RFN0tzNG9BQUJiY3hUazhqZw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?uid=AAGSDE7Ks4oAABbcxTk8jg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?ev=AAGSDE7Ks4oAABbcxTk8jg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGSDE7Ks4oAABbcxTk8jg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGSDE7Ks4oAABbcxTk8jg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=4056922767116350335&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGSDE7Ks4oAABbcxTk8jg&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4a444a71-d342-45f7-b0da-e4e76d5e271d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4a444a71-d342-45f7-b0da-e4e76d5e271d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 23:48:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Sun, 19 Nov 2023 08:20:01 GMT
Keep-Alive
timeout=5, max=3000
Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4a444a71-d342-45f7-b0da-e4e76d5e271d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 7D41
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVnFLgAAwxOjbgBH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 19 Nov 2023 08:19:58 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4568-YYZ
x-timer
S1700381999.731666,VS0,VE21

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sun, 19 Nov 2023 08:19:58 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVnFLgAAwxOjbgBH
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4568-YYZ
x-timer
S1700381999.577320,VS0,VE21
141
match.deepintent.com/usersync/ Frame 74B2
0
269 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Sun, 19 Nov 2023 08:19:58 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame C062
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=6da3eec0-86b4-11ee-92b2-1fe6ff30cd25
42 B
368 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=6da3eec0-86b4-11ee-92b2-1fe6ff30cd25
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:19:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sun, 19 Nov 2023 08:19:58 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=6da3eec0-86b4-11ee-92b2-1fe6ff30cd25
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-8
Pug
image2.pubmatic.com/AdServer/ Frame DDA6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eIKzpS2CtPlj1L-sK4ar_niC5Klj0bOuLIQvgFhS
42 B
416 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eIKzpS2CtPlj1L-sK4ar_niC5Klj0bOuLIQvgFhS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 23:48:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 19 Nov 2023 08:19:58 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eIKzpS2CtPlj1L-sK4ar_niC5Klj0bOuLIQvgFhS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 95B5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=545b3837-950e-48e4-b9be-658159de0d16&ssp=pubmatic&expires=30&user_group=5&bsw_param=30b13ab7-dbc6-4eff-9e07-01119cc841d7
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
185 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 19 Nov 2023 08:19:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 19 Nov 2023 08:19:59 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 75C3
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033169764266234
42 B
273 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033169764266234
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 23:48:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 19 Nov 2023 08:19:58 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033169764266234
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame D7C3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ERMWsRJhXKxxAxmZYZY3DEYZ_7o&gdpr=0&gdpr_consent=
42 B
384 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ERMWsRJhXKxxAxmZYZY3DEYZ_7o&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sun, 19 Nov 2023 08:19:58 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ERMWsRJhXKxxAxmZYZY3DEYZ_7o&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame D4AB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3oaS0WqC1R4D265&gdpr=0&gdpr_consent=
42 B
322 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3oaS0WqC1R4D265&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 19 Nov 2023 08:19:58 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3oaS0WqC1R4D265&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0547d84931eb220f8@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
i.match
s.tribalfusion.com/z/ Frame 9D1E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
414 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
828708050aaf39c6-YYZ
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:19:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82870803ca0c39c6-YYZ
content-type
text/html
date
Sun, 19 Nov 2023 08:19:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
3241
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 08F5
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=0e0eb4c1-8555-4774-b7c3-a6ca69f23c90&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
42 B
489 B
Document
General
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.166.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-166-52.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Sun, 19 Nov 2023 08:19:58 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 19 Nov 2023 08:19:58 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 529B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 23:48:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 08:19:57 GMT
expires
Sun, 19 Nov 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1249280
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame BD22
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7f32106bf5d4441a8d8abd8d9e875207
42 B
281 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7f32106bf5d4441a8d8abd8d9e875207
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sun, 19 Nov 2023 08:19:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7f32106bf5d4441a8d8abd8d9e875207
pragma
no-cache
server
Tengine
Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2
b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/ Frame 509D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://b1sync.zemanta.com/usersync/pubmatic/?gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s...
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
19 B
176 B
Document
General
Full URL
https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
19
Content-Type
text/plain; charset=utf-8
Date
Sun, 19 Nov 2023 08:19:59 GMT
X-Content-Type-Options
nosniff

Redirect headers

Content-Length
216
Content-Type
text/html; charset=utf-8
Date
Sun, 19 Nov 2023 08:19:58 GMT
Location
/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
pubmatic
ad.mrtnsvr.com/sync/ Frame 4BAA
0
0

/
sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/ Frame 84C2
0
375 B
Document
General
Full URL
https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=0&taboola_hm=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&orig=video&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
date
Sun, 19 Nov 2023 08:19:58 GMT
server
nginx
x-fastly-to-nlb-rtt
39415
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C96B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I_hYH6epRvaQol9cQ8i_xg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
23.220.136.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-136-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=72731
accept-ranges
bytes
content-length
5622
expires
Mon, 20 Nov 2023 04:32:09 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame C96B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=566c06e1-5ef0-4571-90a4-d38b649d97c6%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a902f120-5231-4d73-bf4d-b35c5110e8f0&ttd_puid=566c06e1-5ef0-4571-90a4-d38b649d97c6%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a902f120-5231-4d73-bf4d-b35c5110e8f0&ttd_puid=566c06e1-5ef0-4571-90a4-d38b649d97c6%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a902f120-5231-4d73-bf4d-b35c5110e8f0&ttd_puid=566c06e1-5ef0-4571-90a4-d38b649d97c6%2C%2C
date
Sun, 19 Nov 2023 08:19:58 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame C96B
0
0
Image
General
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2023F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

xuid
eb2.3lift.com/ Frame C96B
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame C96B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjNGODU4MUYtQTdBOS00NkY2LTkwQTItNUY1QzQzQzhCRkM2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 23:48:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C96B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIJEAS_A1pYzdESKXUd07aE&google_cver=1
42 B
269 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIJEAS_A1pYzdESKXUd07aE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIJEAS_A1pYzdESKXUd07aE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C96B
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:80F0BBA4FA7E41C0BC939AA6389B762B
42 B
324 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:80F0BBA4FA7E41C0BC939AA6389B762B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 19 Nov 2023 08:19:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:80F0BBA4FA7E41C0BC939AA6389B762B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 18 Nov 2023 08:19:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C96B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=
42 B
313 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=
date
Sun, 19 Nov 2023 08:19:58 GMT
server
Kestrel
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame C96B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4YZZTSNE2uVLPh_PKwKWxJBwyxrX0cc-~A&gdpr=0
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4YZZTSNE2uVLPh_PKwKWxJBwyxrX0cc-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:49:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4YZZTSNE2uVLPh_PKwKWxJBwyxrX0cc-~A&gdpr=0
date
Sun, 19 Nov 2023 08:19:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C96B
43 B
604 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:520a:c711:865a:bf81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame C96B
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1f17ccb7c1bb0619&is_secure=true&networkId=17100&version=1&nuid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABuI__FtQzKAMwEgy6AAAAAAA&expiration=1700468399&nuid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&...
42 B
376 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABuI__FtQzKAMwEgy6AAAAAAA&expiration=1700468399&nuid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABuI__FtQzKAMwEgy6AAAAAAA&expiration=1700468399&nuid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C96B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=24ce2dbc-1c16-44eb-807b-e68ec5abc847&gdpr=0&gdpr_consent=
1 B
255 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=24ce2dbc-1c16-44eb-807b-e68ec5abc847&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 19 Nov 2023 08:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=24ce2dbc-1c16-44eb-807b-e68ec5abc847&gdpr=0&gdpr_consent=
Date
Sun, 19 Nov 2023 08:19:58 GMT
Connection
keep-alive
X-CI-RTID
89fe866f-b348-4754-a502-4755e6f4ee06
Content-Length
205
Content-Type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame C96B
0
288 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.59.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-59-166.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
sn.ashx
pmp.mxptint.net/ Frame C96B
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10C61F92B_BCE4BBAD&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B
Image
General
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-383386798; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:58 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-383386798; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame C96B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&gdpr=0&gdpr_consent=
42 B
264 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:58 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C96B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
1 B
280 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:48:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 19 Nov 2023 08:19:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C96B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=383984206483609004
42 B
321 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=383984206483609004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=383984206483609004
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1078870459&t=event&ni=0&_s=5&dl=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&dp=%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Exibicao%20Register&el=ve_loginexclusivo_semcookie_nov_2023&_u=aDDAAEABAAAAACACI~&jid=&gjid=&cid=2088517343.1700381993&tid=UA-5487424-20&_gid=1220002044.1700381995&gtm=45He3b81n81M7TMHTJv893763177&cd1=multi-content%20-%20materia&cd2=Anonimo&cd43=13-09-2023&cd46=Joice%20Bacelo&cd49=Valor%20Econ%C3%B4mico%2CLegisla%C3%A7%C3%A3o&cd57=False&cd60=para%20assinante&cd61=valor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&cd82=responsivo&cd91=&gcd=11l1l1l1l1&dma=0&z=113001170
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 03:02:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19060
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame E121
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1078870459&t=event&ni=0&_s=6&dl=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&dp=%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Footer&el=ve_footer_semcookie_nov_2023&_u=aDDAAEABAAAAACACI~&jid=&gjid=&cid=2088517343.1700381993&tid=UA-5487424-20&_gid=1220002044.1700381995&gtm=45He3b81n81M7TMHTJv893763177&cd1=multi-content%20-%20materia&cd2=Anonimo&cd43=13-09-2023&cd46=Joice%20Bacelo&cd49=Valor%20Econ%C3%B4mico%2CLegisla%C3%A7%C3%A3o&cd57=False&cd60=para%20assinante&cd61=valor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&cd82=responsivo&cd91=&gcd=11l1l1l1l1&dma=0&z=1378620112
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 03:02:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19060
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame DD65
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:48:03 GMT
x-content-type-options
nosniff
age
279115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 02:48:03 GMT
truncated
/ Frame DD65
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 7C4F
0
0

user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=209bc32bc2ac8f31366d2dd71d31d3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo1a91_7304785265137932464&gdpr=0&gdpr_consent=null
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MjA5YmMzMmJjMmFjOGYzMTM2NmQyZGQ3MWQzMWQz&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPZK1Gww-8lTLldA5rxFFJg&google_cver=1&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/209bc32bc2ac8f31366d2dd71d31d3?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-p_aXMMNE2oMYvaR1_jxmNXeTtn8Ud_fS.0YkBGqj~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=1226190852069536688&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=3302076&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=24ce2dbc-1c16-44eb-807b-e68ec5abc847
  • https://jelly.mdhv.io/v4/pixie?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=d1532e90-dcf1-41f5-b54f-9f3b2bccd218
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=${TM_USER_ID}&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=ZVnFLgAAwxOjbgBH&gdpr=0&gdpr_consent=
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1595%26userId%3D%24%7BUID%7D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1595&userId=0907b07b-564c-4834-80b3-b9b9e8cd16bc
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1580%26userId%3D$UID&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1580&userId=4115979473928357364007
0
0

botao-desk.png
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/Valor/Atual/Gabigol/
2 KB
2 KB
Image
General
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/Valor/Atual/Gabigol/botao-desk.png
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
d7892e60168bfc032a138022b791574fd2f6293d20ad3f9fbb5ab78d0e0d19b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
x-openstack-request-id
tx97456cfc169e471b807ed-006559c4bc
last-modified
Mon, 05 Dec 2022 15:16:07 GMT
x-thanos
0A823003
etag
7604adaada5a736a9c9d35166561c42d
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1670253366.67064
cache-control
public, max-age=180
accept-ranges
bytes
content-length
1675
x-trans-id
tx97456cfc169e471b807ed-006559c4bc
x-request-id
888d4b90-a993-44e3-b19d-ea8dab06db48
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1078870459&t=event&ni=0&_s=7&dl=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&dp=%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Botao&el=botao%20-%20deslogado%20-%20valor%20-%20ve_botao_topo_semcookie_nov_2023&_u=aDDAAEABAAAAACACI~&jid=&gjid=&cid=2088517343.1700381993&tid=UA-5487424-20&_gid=1220002044.1700381995&gtm=45He3b81n81M7TMHTJv893763177&cd1=multi-content%20-%20materia&cd2=Anonimo&cd43=13-09-2023&cd46=Joice%20Bacelo&cd49=Valor%20Econ%C3%B4mico%2CLegisla%C3%A7%C3%A3o&cd57=False&cd60=para%20assinante&cd61=valor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&cd82=responsivo&cd91=&gcd=11l1l1l1l1&dma=0&z=1997117014
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 03:02:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19060
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 7C4F
301 B
753 B
XHR
General
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=33102358&loc=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:58 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://valor.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1700381998616004-1153
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 7C4F
67 B
0
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=33102358&_fw_gdpr=0&_fw_us_privacy=1---&schain=1.0%2C1!taboola.com%2C1212302%2C1%2C-1890874510&vav=6e6cfdcd7c00ff2d5b619d68687e6f82&vaviv=07b30d92119e57c6e15bb3108238171a&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&percentViewable=100&componentId=vpaid-adapter&loc=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&playerSize=402x226&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://valor.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1700381998687072-251
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvalor.globo.com%2F&domain=valor.globo.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://valor.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 19 Nov 2023 08:19:58 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
447378
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvalor.globo.com%2F&domain=valor.globo.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=gBZEt3xPSGxIRXQrbHBLUDY2VXJqbXpKQ2hqVmIxOEdhMGtOZEZaOEhIb2g4eldjTFU2YzdyNTZvSkw5N090Z2RFcjdBWUU4Mlk0M2NYWFVGNEFoOEdhMEU4Q2hXR2tucm82ZVgwcTFEaEVwQVVtc2luYWJuSzBiQ2toeV...
445 B
707 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=gBZEt3xPSGxIRXQrbHBLUDY2VXJqbXpKQ2hqVmIxOEdhMGtOZEZaOEhIb2g4eldjTFU2YzdyNTZvSkw5N090Z2RFcjdBWUU4Mlk0M2NYWFVGNEFoOEdhMEU4Q2hXR2tucm82ZVgwcTFEaEVwQVVtc2luYWJuSzBiQ2toeVBaK3VCakZvK1VQOXl2Z2lQdFhzWVRCOTg1MzZOOG94Z2s4SGhEU2lPU05KVWkvQ2NHQmFlZjR0Vkc1dUhWNG5mQnlrYnBIeWpZbmZrZC9kbGFVVGZuV1ZWRGoxdVBlZFlJQ3RmZENPM1h6QzZIOC9iT3oxMGpSNWpxdkhXRnBaSUZiemNUOUpncVNOSVVQQjVHbzZJakJXS1Z3MXRUY3pxUE5UblIvWlNDbDhqR1R0N3V6QT18&cppv=2
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
776d5ee49a2eb882263aa60b36d2470c1c1c81c77b29d765b86f9afd5e437adb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:59 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1523881
expires
0

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://valor.globo.com
location
https://mug.criteo.com/sid?cpp=gBZEt3xPSGxIRXQrbHBLUDY2VXJqbXpKQ2hqVmIxOEdhMGtOZEZaOEhIb2g4eldjTFU2YzdyNTZvSkw5N090Z2RFcjdBWUU4Mlk0M2NYWFVGNEFoOEdhMEU4Q2hXR2tucm82ZVgwcTFEaEVwQVVtc2luYWJuSzBiQ2toeVBaK3VCakZvK1VQOXl2Z2lQdFhzWVRCOTg1MzZOOG94Z2s4SGhEU2lPU05KVWkvQ2NHQmFlZjR0Vkc1dUhWNG5mQnlrYnBIeWpZbmZrZC9kbGFVVGZuV1ZWRGoxdVBlZFlJQ3RmZENPM1h6QzZIOC9iT3oxMGpSNWpxdkhXRnBaSUZiemNUOUpncVNOSVVQQjVHbzZJakJXS1Z3MXRUY3pxUE5UblIvWlNDbDhqR1R0N3V6QT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
331322
content-length
0
expires
0
usync.html
eus.rubiconproject.com/ Frame AA64
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_valor.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Nov 2023 08:19:58 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rep.gif
comcluster.cxense.com/Repo/ Frame 18FF
43 B
469 B
Image
General
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.39-0&typ=pgv&rnd=lp57jdr3muq3jpaq&sid=4756157261768221469&loc=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&new=1&arf=0&ltm=1700381997820&ref=&tzo=480&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lp57jehmugtgbyo0&ckp=lp57jdr3gmgpzyg6&glb=&cp_userState=anon&cst=9m6e3ui9t4503c5i570t6bp4f
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Sun, 19 Nov 2023 08:19:59 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/
103 B
676 B
Script
General
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lp57jdr3gmgpzyg6%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%229m6e3ui9t4503c5i570t6bp4f%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%229m6e3ui9t4503c5i570t6bp4f%22%7D%5D%2C%22siteId%22%3A%224756157261768221469%22%2C%22location%22%3A%22https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
fe76301e439f1fa7e524181294abb6fc4c8a0231b64ccb66c90f890f4313a13e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:59 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
103
expires
Mon, 26 Jul 1997 05:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame AA64
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fa22e4ec07e2727d4d4bc2256e84153b63d770671f776e9bc3e465d40955fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:19:58 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Nov 2023 05:55:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77668
Connection
keep-alive
Content-Length
13230
Expires
Mon, 20 Nov 2023 05:54:26 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MjA5YmMzMmJjMmFjOGYzMTM2NmQyZGQ3MWQzMWQz&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MjA5YmMzMmJjMmFjOGYzMTM2NmQyZGQ3MWQzMWQz&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:58 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MjA5YmMzMmJjMmFjOGYzMTM2NmQyZGQ3MWQzMWQz&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700381998788054-150
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=209bc32bc2ac8f31366d2dd71d31d3&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=209bc32bc2ac8f31366d2dd71d31d3&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C86Y9K9JBMDKJWCM9PJD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:58 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=209bc32bc2ac8f31366d2dd71d31d3&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700381998939034-306
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1161
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D1%26key%3D
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.136.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-136-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=72731
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 19 Nov 2023 08:19:58 GMT
expires
Mon, 20 Nov 2023 04:32:09 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 6012
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=0&gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-aCsD72ZE2uKwOAygv4btypZcP_n4mA9t~A&gdpr_in_effect=0
0
296 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-aCsD72ZE2uKwOAygv4btypZcP_n4mA9t~A&gdpr_in_effect=0
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Sun, 19 Nov 2023 08:19:59 GMT

Redirect headers

age
0
content-length
0
date
Sun, 19 Nov 2023 08:19:58 GMT
location
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-aCsD72ZE2uKwOAygv4btypZcP_n4mA9t~A&gdpr_in_effect=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.87
strict-transport-security
max-age=31536000
cookiesyncendpoint
sync.aniview.com/ Frame 3013
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26bid...
  • https://ad.turn.com/r/cs?pid=45&rndcb=8965314470
  • https://sync.1rx.io/usersync/turn/3252457447538295465?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=200&key=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005
0
311 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=200&key=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Sun, 19 Nov 2023 08:19:59 GMT

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Sun, 19 Nov 2023 08:19:59 GMT
ETag
RXdacc658d55c34b1a9a355253d202203c005
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=200&key=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
cookiesyncendpoint
sync.aniview.com/ Frame 44E0
Redirect Chain
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D18%26k...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=18&key=HrmzhQZHj9hnad-STX6DT5p8
0
270 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=18&key=HrmzhQZHj9hnad-STX6DT5p8
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Sun, 19 Nov 2023 08:19:59 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sun, 19 Nov 2023 08:19:59 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=18&key=HrmzhQZHj9hnad-STX6DT5p8
X-Sovrn-Pod
ad_ap2dca1
usync.html
eus.rubiconproject.com/ Frame 7A23
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Nov 2023 08:19:58 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 19 Nov 2023 08:19:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
0
prebid.a-mo.net/cchain/ Frame 6B51
2 KB
729 B
Document
General
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
009cfbc20adb1fec0efb6d41155a318cbba11e2787e557f49a5189750ea5ce62

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
638
content-type
text/html; charset=utf-8
date
Sun, 19 Nov 2023 08:19:58 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
cookiesyncendpoint
sync.aniview.com/ Frame DBD7
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=0&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=209bc32bc2ac8f31366d2dd71d31d3&_fw_gdpr=0&_fw_gdpr_consent=
0
280 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=209bc32bc2ac8f31366d2dd71d31d3&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Sun, 19 Nov 2023 08:19:59 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Sun, 19 Nov 2023 08:19:58 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=209bc32bc2ac8f31366d2dd71d31d3&_fw_gdpr=0&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1700381998889058-312
rtset
bh.contextweb.com/bh/ Frame 0BCE
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=209bc32bc2ac8f31366d2dd71d31d3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo0447_7304785265137813118&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAGSDE7Ks4oAABbcxTk8jg&dataProviderId=817&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/209bc32bc2ac8f31366d2dd71d31d3?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-p_aXMMNE2oMYvaR1_jxmNXeTtn8Ud_fS.0YkBGqj~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=3oaS0WqC1R4D265&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=1226190852069536688&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://jelly.mdhv.io/v4/pixie?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=956b232c-0cc2-4a57-8e0b-bf320c0bb356
  • https://bh.contextweb.com/bh/rtset?pid=561914&ev=1&us_privacy=$
49 B
799 B
Document
General
Full URL
https://bh.contextweb.com/bh/rtset?pid=561914&ev=1&us_privacy=$
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
4c23865d180f804df030e56f4d06adfdbefc2e8720b8553596036387e23ab9b2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-6b57df6cd5-m27bx
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Sun, 19 Nov 2023 08:20:01 GMT
Location
https://bh.contextweb.com/bh/rtset?pid=561914&ev=1&us_privacy=$
Pragma
no-cache
Server
nginx
x-sticky-vk
1700382000966086-1190
/
onetag-sys.com/usync/ Frame 5225
4 KB
2 KB
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
b46cd91a010005c7903fa99700bd9b3c1067abc7637ce7ba95ebf7cf8b7c621a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1444
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
45f6616f8301569fb3628edffa5edae8.gif
cs.admanmedia.com/ Frame 066B
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D52%26key%3DBUYERUID
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-16988f62-f6c6-362e-a0c4-1687522162ab&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid...
0
0
Document
General
Full URL
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-16988f62-f6c6-362e-a0c4-1687522162ab&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xNjk4OGY2Mi1mNmM2LTM2MmUtYTBjNC0xNjg3NTIyMTYyYWIQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNzAwMzgxOTk4MzM4LTE3MjAyOTIwNTA3MC0wMDA2NzYtMDEwLTAwNTE0NiZiaWRkZXJuYW1lPTUyJmtleT11YS0xNjk4OGY2Mi1mNmM2LTM2MmUtYTBjNC0xNjg3NTIyMTYyYWIyAhgfOAE=&gdpr=&gdpr_consent=
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 19 Nov 2023 08:19:59 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload

Redirect headers

cache-control
no-store
content-length
0
date
Sun, 19 Nov 2023 08:19:59 GMT
expires
0
location
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-16988f62-f6c6-362e-a0c4-1687522162ab&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xNjk4OGY2Mi1mNmM2LTM2MmUtYTBjNC0xNjg3NTIyMTYyYWIQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNzAwMzgxOTk4MzM4LTE3MjAyOTIwNTA3MC0wMDA2NzYtMDEwLTAwNTE0NiZiaWRkZXJuYW1lPTUyJmtleT11YS0xNjk4OGY2Mi1mNmM2LTM2MmUtYTBjNC0xNjg3NTIyMTYyYWIyAhgfOAE=&gdpr=&gdpr_consent=
pragma
no-cache
avpb8.21.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 357E
247 KB
78 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c4adb585bf236d81bd0243e705b1c7692b1d3d3a1531f29222edf5fde4a8f85f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPq5p83hAfTvCbeowWUTIFPLm1TD004St0mDVfj-LyFRnnkgzsi8DC75ZfJM0G9a9iEoP8I4W_v_VvF0hWd8wCRdVg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
79319
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"ab8e043a07ae48fd640ebda52483e0e1"
vary
Accept-Encoding
x-goog-generation
1699872514653883
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Hphr6g==, md5=q44EOgeuSP1kDr2lJIPg4Q==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
79319
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:58 GMT
avpb8.21.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame 357E
68 KB
23 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0a4.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b9c3b964443437025fd23526c4bd322bdd844c4c2fbc2609e6f35704305faf2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqY7cu7ywVBsHo5ftJfeC90OO9IgIifQzM3uhS4NCQC4rqxFm2WiQidLrNBA1Kd_kd4Zowc7vY9oxSRd7RsyDicogMdWAdS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
22607
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"809bfcbda3b0fcfcba48a895597d17f9"
vary
Accept-Encoding
x-goog-generation
1699872514509067
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Npqkbg==, md5=gJv8vaOw/Py6SKiVWX0X+Q==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
22607
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:58 GMT
cframe.js
assets.a-mo.net/js/ Frame 6B51
13 KB
6 KB
Script
General
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
via
1.1 2fe59031aaa28adeac35bcf3408ddada.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C1
age
543
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
82870807aa343701-YYZ
x-amz-cf-id
q0-BlJA_NAyHwY7ogtXdCuLHOJb3ZyyzUEdMB7etOp6b8ON1R6QGtQ==
expires
Sun, 19 Nov 2023 09:19:59 GMT
/
shb.richaudience.com/hb/ Frame 357E
5 B
368 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
da8b00f157aa030065e2d6a06149909cd367c6ebe8613a0ee506e636b1f7aae0

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame 7A23
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fa22e4ec07e2727d4d4bc2256e84153b63d770671f776e9bc3e465d40955fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:19:59 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Nov 2023 05:55:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77667
Connection
keep-alive
Content-Length
13230
Expires
Mon, 20 Nov 2023 05:54:26 GMT
mbox
vidanalytics.taboola.com/putes/
2 B
153 B
Ping
General
Full URL
https://vidanalytics.taboola.com/putes/mbox
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-cache-hits
0
date
Sun, 19 Nov 2023 08:19:59 GMT
via
1.1 varnish
x-backend-name
5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00102
server
nginx
x-timer
S1700381999.085797,VS0,VE172
x-cache
MISS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-served-by
cache-yyz4571-YYZ
avpb8.21.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame F0F7
247 KB
78 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c4adb585bf236d81bd0243e705b1c7692b1d3d3a1531f29222edf5fde4a8f85f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPq5p83hAfTvCbeowWUTIFPLm1TD004St0mDVfj-LyFRnnkgzsi8DC75ZfJM0G9a9iEoP8I4W_v_VvF0hWd8wCRdVg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
79319
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"ab8e043a07ae48fd640ebda52483e0e1"
vary
Accept-Encoding
x-goog-generation
1699872514653883
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Hphr6g==, md5=q44EOgeuSP1kDr2lJIPg4Q==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
79319
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:59 GMT
avpb8.21.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame F0F7
68 KB
23 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0a4.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b9c3b964443437025fd23526c4bd322bdd844c4c2fbc2609e6f35704305faf2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqY7cu7ywVBsHo5ftJfeC90OO9IgIifQzM3uhS4NCQC4rqxFm2WiQidLrNBA1Kd_kd4Zowc7vY9oxSRd7RsyDicogMdWAdS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
22607
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"809bfcbda3b0fcfcba48a895597d17f9"
vary
Accept-Encoding
x-goog-generation
1699872514509067
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Npqkbg==, md5=gJv8vaOw/Py6SKiVWX0X+Q==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
22607
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:59 GMT
khaos.json
token.rubiconproject.com/ Frame 7A23
7 B
798 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LP57JAYC-21-7NJN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
cookiesyncendpoint
sync.aniview.com/ Frame D0A1
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998034-172029210077-000611-009-006207...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1700381998034-172029210077-000611-009-006207&biddername=23&key=6c5ba71e-e7e2-4fc1-be5c-ccb1edc0fd03
0
295 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1700381998034-172029210077-000611-009-006207&biddername=23&key=6c5ba71e-e7e2-4fc1-be5c-ccb1edc0fd03
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Sun, 19 Nov 2023 08:19:59 GMT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Sun, 19 Nov 2023 08:19:59 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1700381998034-172029210077-000611-009-006207&biddername=23&key=6c5ba71e-e7e2-4fc1-be5c-ccb1edc0fd03
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cookiesyncendpoint
sync.aniview.com/ Frame 4A09
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998034-172029210077-000611-009-006207%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1700381998034-172029210077-000611-009-006207&biddername=55&key=1226190852069536688
0
260 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1700381998034-172029210077-000611-009-006207&biddername=55&key=1226190852069536688
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Sun, 19 Nov 2023 08:19:59 GMT

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
8c96955f-82b6-4ba8-9cc8-d7592d1da6b3
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 19 Nov 2023 08:19:59 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1700381998034-172029210077-000611-009-006207&biddername=55&key=1226190852069536688
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
avpb8.21.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame FF48
247 KB
78 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c4adb585bf236d81bd0243e705b1c7692b1d3d3a1531f29222edf5fde4a8f85f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPq5p83hAfTvCbeowWUTIFPLm1TD004St0mDVfj-LyFRnnkgzsi8DC75ZfJM0G9a9iEoP8I4W_v_VvF0hWd8wCRdVg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
79319
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"ab8e043a07ae48fd640ebda52483e0e1"
vary
Accept-Encoding
x-goog-generation
1699872514653883
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Hphr6g==, md5=q44EOgeuSP1kDr2lJIPg4Q==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
79319
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:59 GMT
avpb8.21.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame FF48
68 KB
23 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0a4.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b9c3b964443437025fd23526c4bd322bdd844c4c2fbc2609e6f35704305faf2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqY7cu7ywVBsHo5ftJfeC90OO9IgIifQzM3uhS4NCQC4rqxFm2WiQidLrNBA1Kd_kd4Zowc7vY9oxSRd7RsyDicogMdWAdS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
22607
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"809bfcbda3b0fcfcba48a895597d17f9"
vary
Accept-Encoding
x-goog-generation
1699872514509067
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Npqkbg==, md5=gJv8vaOw/Py6SKiVWX0X+Q==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
22607
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:59 GMT
avpb8.21.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame FF48
68 KB
23 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0a0.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
88b5d3d3501a35e93441969a766d4cdf3d9f5d87d4534e13d1d7d64793cc6006

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPoSncNiYI_nIKoK6-2RRjZZUMryPyLLgPJTDDKtO_nv1MFlAIT1sSvHxS8lL4iJIsT31FkO-R1QRWikZrm-t0ohqg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
23198
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"3fa39ff9476c36a81b48540d1dce2006"
vary
Accept-Encoding
x-goog-generation
1699872514493767
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=5GjmeA==, md5=P6Of+UdsNqgbSFQNHc4gBg==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
23198
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:59 GMT
/
onetag-sys.com/match/ Frame 5225
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=fe226559-c52a-4300-b170-b415135d8eeb&gdpr=0&gdpr_consent=
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=1&uid=fe226559-c52a-4300-b170-b415135d8eeb&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sun, 19 Nov 2023 08:19:59 GMT
Server
MT3 1075 283b7e3 master iad iad-pixel-x28 config_version:"455"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=fe226559-c52a-4300-b170-b415135d8eeb&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 19 Nov 2023 08:19:58 GMT
/
onetag-sys.com/match/ Frame 5225
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LP57JAYC-21-7NJN&gdpr=0
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LP57JAYC-21-7NJN&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LP57JAYC-21-7NJN&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0163a7456b0a5605e8b1fb1d4fba3e4d
Expires
0
/
onetag-sys.com/match/ Frame 5225
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1226190852069536688
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1226190852069536688
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:59 GMT
an-x-request-uuid
4c12b068-36e5-4454-80f3-e6b83b780835
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1226190852069536688
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 5225
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=209bc32bc2ac8f31366d2dd71d31d3&gdpr_consent=&gdpr=0
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=3&uid=209bc32bc2ac8f31366d2dd71d31d3&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:59 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=209bc32bc2ac8f31366d2dd71d31d3&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700381999182062-1186
tap.php
pixel.rubiconproject.com/ Frame 5225
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Cza82SB5vLzQT_1QcYbTXznQHeSik_5akZzXYL0VVBk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5225
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-aqQIflJBUAeCknS6Wbm5Qaxe_St8l_QA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-aqQIflJBUAeCknS6Wbm5Qaxe_St8l_QA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-aqQIflJBUAeCknS6Wbm5Qaxe_St8l_QA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 5225
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=4056922767116350335
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=107&uid=4056922767116350335
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=4056922767116350335
date
Sun, 19 Nov 2023 08:19:58 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 5225
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Cza82SB5vLzQT_1QcYbTXznQHeSik_5akZzXYL0VVBk
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Cza82SB5vLzQT_1QcYbTXznQHeSik_5akZzXYL0VVBk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:19:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SN5THWS6FFTDJ5RGZ6W9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Cza82SB5vLzQT_1QcYbTXznQHeSik_5akZzXYL0VVBk
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
apn
ads.playground.xyz/usersync/ Frame 5225
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
43 B
260 B
Image
General
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:00 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
b55b4fb0-1222-4fbc-85c8-43f0eb0ea79f

Redirect headers

location
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
date
Sun, 19 Nov 2023 08:19:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
176
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 5225
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELivHTjvXqXdK2QHziIRerY&google_cver=1
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELivHTjvXqXdK2QHziIRerY&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELivHTjvXqXdK2QHziIRerY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 5225
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-dGz74A9E2uGfpcM3CRIR9iVZdu1nLTDl4rgHK2M-~A
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-dGz74A9E2uGfpcM3CRIR9iVZdu1nLTDl4rgHK2M-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-dGz74A9E2uGfpcM3CRIR9iVZdu1nLTDl4rgHK2M-~A
date
Sun, 19 Nov 2023 08:19:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 5225
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=29&uid=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=a902f120-5231-4d73-bf4d-b35c5110e8f0&gdpr=0&gdpr_consent=
date
Sun, 19 Nov 2023 08:19:59 GMT
server
Kestrel
content-length
233
/
onetag-sys.com/match/ Frame 5225
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-7dTBVGlE2pmWz1PYrON.aXVGMZUbaNz0TaGJKA--~A&expires=5&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=&gdpr_consent=&us_privacy=
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=30&uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 19 Nov 2023 08:19:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookiesyncendpoint
sync.aniview.com/ Frame 5225
0
309 B
Image
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=20&pid=59c9148628a0612da3689288&key=Cza82SB5vLzQT_1QcYbTXznQHeSik_5akZzXYL0VVBk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-length
0
cookiesyncendpoint
sync.aniview.com/ Frame 915E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998341-172027074059-000843-013-006362%26biddername%3D10%2...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1700381998341-172027074059-000843-013-006362&biddername=10&pid=59c9148628a0612da3689288&key=mlf7oMpyiuvU&ev=1&us_privacy=1---&pid=562704
0
246 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1700381998341-172027074059-000843-013-006362&biddername=10&pid=59c9148628a0612da3689288&key=mlf7oMpyiuvU&ev=1&us_privacy=1---&pid=562704
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Sun, 19 Nov 2023 08:19:59 GMT

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-6b57df6cd5-m27bx
expires
-1
location
https://sync.aniview.com/cookiesyncendpoint?auid=1700381998341-172027074059-000843-013-006362&biddername=10&pid=59c9148628a0612da3689288&key=mlf7oMpyiuvU&ev=1&us_privacy=1---&pid=562704
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
avpb8.21.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 06EB
247 KB
78 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c4adb585bf236d81bd0243e705b1c7692b1d3d3a1531f29222edf5fde4a8f85f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPq5p83hAfTvCbeowWUTIFPLm1TD004St0mDVfj-LyFRnnkgzsi8DC75ZfJM0G9a9iEoP8I4W_v_VvF0hWd8wCRdVg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
79319
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"ab8e043a07ae48fd640ebda52483e0e1"
vary
Accept-Encoding
x-goog-generation
1699872514653883
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Hphr6g==, md5=q44EOgeuSP1kDr2lJIPg4Q==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
79319
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:59 GMT
avpb8.21.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 06EB
68 KB
23 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0a0.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
88b5d3d3501a35e93441969a766d4cdf3d9f5d87d4534e13d1d7d64793cc6006

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPoSncNiYI_nIKoK6-2RRjZZUMryPyLLgPJTDDKtO_nv1MFlAIT1sSvHxS8lL4iJIsT31FkO-R1QRWikZrm-t0ohqg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
23198
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"3fa39ff9476c36a81b48540d1dce2006"
vary
Accept-Encoding
x-goog-generation
1699872514493767
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=5GjmeA==, md5=P6Of+UdsNqgbSFQNHc4gBg==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
23198
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:59 GMT
avpb8.21.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame 06EB
68 KB
23 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0a4.js
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1680::2c79 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b9c3b964443437025fd23526c4bd322bdd844c4c2fbc2609e6f35704305faf2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqY7cu7ywVBsHo5ftJfeC90OO9IgIifQzM3uhS4NCQC4rqxFm2WiQidLrNBA1Kd_kd4Zowc7vY9oxSRd7RsyDicogMdWAdS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
22607
last-modified
Mon, 13 Nov 2023 10:48:34 GMT
server
UploadServer
etag
"809bfcbda3b0fcfcba48a895597d17f9"
vary
Accept-Encoding
x-goog-generation
1699872514509067
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Npqkbg==, md5=gJv8vaOw/Py6SKiVWX0X+Q==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
22607
accept-ranges
bytes
expires
Sun, 19 Nov 2023 08:29:59 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 7A23
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&khaos=LP57JAYC-21-7NJN
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LP57JAYC-21-7NJN
0
252 B
Image
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LP57JAYC-21-7NJN
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LP57JAYC-21-7NJN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Expires
0
/
shb.richaudience.com/hb/ Frame F0F7
5 B
368 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
da8b00f157aa030065e2d6a06149909cd367c6ebe8613a0ee506e636b1f7aae0

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ Frame FF48
5 B
368 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
da8b00f157aa030065e2d6a06149909cd367c6ebe8613a0ee506e636b1f7aae0

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame FF48
19 B
696 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:59 GMT
an-x-request-uuid
f07325e8-e4fb-47ed-b9b7-8c8fe2623b50
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://valor.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=gBZEt3xPSGxIRXQrbHBLUDY2VXJqbXpKQ2hqVmIxOEdhMGtOZEZaOEhIb2g4eldjTFU2YzdyNTZvSkw5N090Z2RFcjdBWUU4Mlk0M2NYWFVGNEFoOEdhMEU4Q2hXR2tucm82ZVgwcTFEaEVwQVVtc2luYWJuSzBiQ2toeVBaK3VCakZvK1VQOXl2Z2lQdFhzWVRCOTg1MzZOOG94Z2s4SGhEU2lPU05KVWkvQ2NHQmFlZjR0Vkc1dUhWNG5mQnlrYnBIeWpZbmZrZC9kbGFVVGZuV1ZWRGoxdVBlZFlJQ3RmZENPM1h6QzZIOC9iT3oxMGpSNWpxdkhXRnBaSUZiemNUOUpncVNOSVVQQjVHbzZJakJXS1Z3MXRUY3pxUE5UblIvWlNDbDhqR1R0N3V6QT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 19 Nov 2023 08:19:58 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
189166
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
shb.richaudience.com/hb/ Frame 06EB
5 B
369 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
da8b00f157aa030065e2d6a06149909cd367c6ebe8613a0ee506e636b1f7aae0

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 06EB
19 B
696 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:59 GMT
an-x-request-uuid
12358eb7-025c-4442-8ecb-9dd63999fbae
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://valor.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
idl.js
assets.a-mo.net/js/ Frame 6B51
3 KB
2 KB
Script
General
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=valor.globo.com&e=27&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
via
1.1 12aa3fefbdb5e80269e58f34f94a99e8.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
YTO50-P2
age
247
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 02 Nov 2023 21:08:31 GMT
server
cloudflare
etag
W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
8287080a9bf53701-YYZ
x-amz-cf-id
rMKucSOilaVCs_EebTvl6D07XUDGEZC0vGbb3IqpF-dslinAummVbw==
expires
Sun, 19 Nov 2023 09:19:59 GMT
set
id.a-mx.com/ Frame 6B51
Redirect Chain
  • https://id.a-mx.com/sync?tao=1&&do=valor.globo.com
  • https://c3.a-mo.net/b?uid=a06a08b8-54ec-4fe2-8d98-40e356e7ac18&sh=id.a-mx.com&
  • https://id.a-mx.com/set?oid=a06a08b8-54ec-4fe2-8d98-40e356e7ac18&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902&
99 B
607 B
Fetch
General
Full URL
https://id.a-mx.com/set?oid=a06a08b8-54ec-4fe2-8d98-40e356e7ac18&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902&
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Server
131.153.203.243 , United States, ASN20454 (SSASN2, US),
Reverse DNS
Software
/
Resource Hash
5a9964d2c400d0e6c1b7fef236ffb9eb74b5c1b69fc38c1ab51804750422ff8e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
null
date
Sun, 19 Nov 2023 08:20:00 GMT
access-control-allow-credentials
true
content-length
99
content-type
application/json

Redirect headers

access-control-allow-origin
null
location
https://id.a-mx.com/set?oid=a06a08b8-54ec-4fe2-8d98-40e356e7ac18&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902&
date
Sun, 19 Nov 2023 08:19:59 GMT
access-control-allow-credentials
true
content-length
0
cookiesyncendpoint
sync.aniview.com/ Frame 6B51
0
297 B
Image
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=105&pid=59c9148628a0612da3689288&key=b8526abd-30ea-4192-94e7-2c6f7deaa902&do=valor.globo.com
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 6B51
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=b8526abd-30ea-4192-94e7-2c6f7deaa902&gdpr=0&us_privacy=1---
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=30b13ab7-dbc6-4eff-9e07-01119cc841d7
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=30b13ab7-dbc6-4eff-9e07-01119cc841d7&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=MzRlZGQzNzE1MDY2YjE5MA&gdpr=0&gdpr_consent=&us_privacy=1---&ssp=adaptmx&bsw_param=30b13ab7-dbc6-4eff-9e07-01119cc841d7
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&us_privacy=1---
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&us_privacy=1---
Date
Sun, 19 Nov 2023 08:20:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame 6B51
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?&gdpr=0&us_privacy=1---&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-dGz74A9E2uGfpcM3CRIR9iVZdu1nLTDl4rgHK2M-~A&gdpr=0
0
136 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-dGz74A9E2uGfpcM3CRIR9iVZdu1nLTDl4rgHK2M-~A&gdpr=0
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-dGz74A9E2uGfpcM3CRIR9iVZdu1nLTDl4rgHK2M-~A&gdpr=0
date
Sun, 19 Nov 2023 08:19:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid.a-mo.net/ Frame 6B51
Redirect Chain
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Damx_com%26uid%3D
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=amx_com&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902
0
113 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=amx_com&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=amx_com&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902
date
Sun, 19 Nov 2023 08:19:59 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 6B51
Redirect Chain
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=openx&uid=0907b07b-564c-4834-80b3-b9b9e8cd16bc
0
113 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=openx&uid=0907b07b-564c-4834-80b3-b9b9e8cd16bc
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:00 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=openx&uid=0907b07b-564c-4834-80b3-b9b9e8cd16bc
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
setuid
prebid.a-mo.net/ Frame 6B51
Redirect Chain
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dadform%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=adform&uid=383984206483609004
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=adform&uid=383984206483609004
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:00 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=adform&uid=383984206483609004
date
Sun, 19 Nov 2023 08:20:00 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
prebid.a-mo.net/ Frame 6B51
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dsmartads...
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=smartadserver&uid=4056922767116350335
0
115 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=smartadserver&uid=4056922767116350335
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:58 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=smartadserver&uid=4056922767116350335
date
Sun, 19 Nov 2023 08:19:59 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 6B51
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dpubmatic%26uid%3D23F8581F-A7A9-46F6-9...
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=pubmatic&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=pubmatic&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=pubmatic&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
date
Sat, 18 Nov 2023 23:45:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame 6B51
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&s=191503&us_privacy=1---&C=1
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=index_rtb&uid=ZVnFMMY0.-GtZegaNPpQrAAA%261384
0
135 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=index_rtb&uid=ZVnFMMY0.-GtZegaNPpQrAAA%261384
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:00 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpjhfikbFPH%2FQqMy3UIMr0kO%2BpKleOpg3ocGKsodXcB4K1vCTPvlng1vQD0gd39x9QdUQqbQfJR8P9zAg9gKq3UhB1Ri9PRgFB0F%2B0yk6OmjOnyOQkOQudaCVSZYclSinwx2Kie%2B"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=index_rtb&uid=ZVnFMMY0.-GtZegaNPpQrAAA%261384
cache-control
no-cache
cf-ray
8287080d6b8636fc-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame 6B51
Redirect Chain
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=sovrn&uid=HrmzhQZHj9hnad-STX6DT5p8
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=sovrn&uid=HrmzhQZHj9hnad-STX6DT5p8
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Sun, 19 Nov 2023 08:19:59 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=sovrn&uid=HrmzhQZHj9hnad-STX6DT5p8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame 6B51
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Db8526abd-30ea-4192-94e7-2c6f7deaa902%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=appnexus&uid=1226190852069536688
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=appnexus&uid=1226190852069536688
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:59 GMT
an-x-request-uuid
b90849aa-84a0-48e8-b3ad-6df256f5329b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid.a-mo.net/setuid?A=b8526abd-30ea-4192-94e7-2c6f7deaa902&bidder=appnexus&uid=1226190852069536688
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 6B51
0
248 B
Image
General
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902&do=valor.globo.com
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:00 GMT
content-length
0
content-type
text/html
setuid
prebid-server.rubiconproject.com/ Frame 6B51
86 B
707 B
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902&do=valor.globo.com
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0
setuid
ib.adnxs.com/prebid/ Frame 6B51
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902&do=valor.globo.com
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:19:59 GMT
an-x-request-uuid
72eec275-207f-4064-a30e-d5243ba792bc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
db9249bc-3518-498b-83c6-58371aadc8e9
https://prebid.a-mo.net/ Frame 6B51
176 B
0
Other
General
Full URL
blob:https://prebid.a-mo.net/db9249bc-3518-498b-83c6-58371aadc8e9
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6cee1ec9998e38cff16e5acd386d4b4b420bf291b15dcda7df2e4466f876e89

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
176
Content-Type
fed
ups.analytics.yahoo.com/ups/58771/ Frame 6B51
316 B
608 B
XHR
General
Full URL
https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=b8526abd-30ea-4192-94e7-2c6f7deaa902
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=valor.globo.com&e=27&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
70581469cad36af8c20af634aec3143e9dada729daa893ca1a182dfde6dfca9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://prebid.a-mo.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:20:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://prebid.a-mo.net
content-type
application/json
access-control-allow-credentials
true
prebid
id5-sync.com/api/config/ Frame 357E
135 B
415 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:20:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pbhid
id.hadron.ad.gt/api/v1/ Frame 357E
227 B
348 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbc1c74ab88d900ab8c11985f9188ffa5599cd2a3b76f091b6faefd9b46c75a

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:20:00 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
8287080f3fe836eb-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
envelope
api.rlcdn.com/api/identity/ Frame 357E
0
253 B
Fetch
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=105
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:20:00 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 4FD2
2 KB
1 KB
Document
General
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2936275069
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
d1d2695d0c112c9d5b23ef14a49b65ceb35c97a345fb51e1d9cd9fc40befb651

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 08:14:23 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.4
prebid
id5-sync.com/api/config/ Frame FF48
135 B
416 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:20:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pbhid
id.hadron.ad.gt/api/v1/ Frame FF48
227 B
196 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbc1c74ab88d900ab8c11985f9188ffa5599cd2a3b76f091b6faefd9b46c75a

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:20:00 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
8287080f3fec36eb-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
async_usersync.html
acdn.adnxs.com/dmp/ Frame AA6E
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
85342
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 19 Nov 2023 08:20:00 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
455, 142734
X-Served-By
cache-lga13626-LGA, cache-yyz4563-YYZ
X-Timer
S1700382000.488654,VS0,VE0
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 93DB
3 KB
1 KB
Document
General
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=566725208
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
0b3d5bef14f57ea321b299bd80ea70df309ab8e388e247dab27d193f3cda8000

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 08:14:23 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.4
prebid
id5-sync.com/api/config/ Frame F0F7
135 B
415 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:20:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pbhid
id.hadron.ad.gt/api/v1/ Frame F0F7
227 B
205 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbc1c74ab88d900ab8c11985f9188ffa5599cd2a3b76f091b6faefd9b46c75a

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:20:00 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
8287080f3fe936eb-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 8B83
2 KB
1 KB
Document
General
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6888385888
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
6b1f4c68840bead4eee39c1f6c606186540f361d1b06f45961d5e6a346e9978c

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 08:14:23 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.4
prebid
id5-sync.com/api/config/ Frame 06EB
135 B
415 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:20:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pbhid
id.hadron.ad.gt/api/v1/ Frame 06EB
227 B
205 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbc1c74ab88d900ab8c11985f9188ffa5599cd2a3b76f091b6faefd9b46c75a

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 19 Nov 2023 08:20:00 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
8287080f3fef36eb-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 1BA5
2 KB
1 KB
Document
General
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2850261077
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
31cbf06e27a793a883dc0d861bbd0e6a016e0eddc822d8cbcec2f10f34884229

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 08:14:23 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.4
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7846
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d4jvmy04.na1.hubspotlinksstarter.com
URL: https://d4jvmy04.na1.hubspotlinksstarter.com/Ctc/OT+113/d4JVmY04/VWhRMs6NM1RhW9jrxjd4fxr_TW1qZjFf55zKttN4CDgcR5kBVqW50kH_H6lZ3q4W20MLll8PF3WhW535nZn6d0YPcW26xZqm6cBN7-W7RsZcV5ywKRLN5GVNrxBSwNmW6wFmFt4ZL_SNW6DBqR63nLGlwW5Tmmmq3c6-b2W3pbFp270rHYVMGdBLJ9Wv4-W1xG_SZ7ZrGKpW4S1RNp18MTS4N7dGPxB1GWFGW7Rjr5F8n6Q4YW3X0KzQ1mhkT6W4pVZBY7lGwZgW5L491k3zrQr6W7FRLMh8DY4CYW169fRV4DFrPHW7ST0bX9jYGQ3W8hxWmr3nhYYcW2srQTw2sfqs2W6QGf2T7-Kt8qW8nQQb98FLfLhW7mfN4T2qfwygW5myWTj71jvCGW6ymQy_6xrP4NW1grvR76nKFNtW364PWG4rc3tTVr31B-3fd64yW1LSMDC5FJCq3W3_5mPR4sxkj8f63r3n404
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://valor.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
85342
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 19 Nov 2023 08:20:00 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
455, 141287
X-Served-By
cache-lga13626-LGA, cache-yyz4543-YYZ
X-Timer
S1700382000.485776,VS0,VE0
SPug
simage4.pubmatic.com/AdServer/ Frame C96B
0
261 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156307&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:19:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ingest.php
events.newsroom.bi/
2 B
779 B
Ping
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.95 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy07.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Nov 2023 08:20:00 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://valor.globo.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
rum
id.rtb.mx/ Frame 6B51
0
478 B
Ping
General
Full URL
https://id.rtb.mx/rum?
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.242.59 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prebid.a-mo.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://prebid.a-mo.net
date
Sun, 19 Nov 2023 08:19:59 GMT
access-control-allow-credentials
true
sdk-runtime-config.js
buy.tinypass.com/api/v3/anon/assets/
266 B
327 B
XHR
General
Full URL
https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6702a47aa83925ff2518e67f77686353b42784bc15344e2351630e9d4a9c94d4
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:00 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
5115
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M97zc4scCRr
wn
prod-dash-10-0-83-6
last-modified
Sun, 19 Nov 2023 06:54:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.007
cache-control
public, max-age=14400
cf-ray
8287080f3b0639c3-YYZ
expires
Sun, 19 Nov 2023 12:20:00 GMT
async_usersync
ib.adnxs.com/ Frame 7846
0
595 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:00 GMT
an-x-request-uuid
c57af725-ed75-45c9-b604-7345e6e46490
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AA6E
0
595 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:00 GMT
an-x-request-uuid
5d64389e-bf61-4a63-bf73-ef21fe98ab21
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame FF48
33 B
274 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e55a66876be723dbcc8eba884037f31f46384fe47f3f6106c23d83c718cdc516
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:20:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v1
lb.eu-1-id5-sync.com/lb/ Frame 06EB
33 B
275 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
759c253fc9b8e853c08f1c897ea15c058e12ac4cca0dd7a2c18c8119a9d33421
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v1
lb.eu-1-id5-sync.com/lb/ Frame 357E
33 B
274 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
3361a2d6e114c0b3ecc648f7fce5c4207aee2f4bacd07cf78b7fe52abd28a4f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v1
lb.eu-1-id5-sync.com/lb/ Frame F0F7
33 B
274 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e039eaa1014ce5fbd0c096b926dfddc8e3fb9e459dcb8a60575df8cc1a4f5cc0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame C96B
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87899579&p=156307&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
176a01f7f19214c673613a90dc83949dac286e3d4de5bacdb0822e5115f204ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 08:20:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cm
us-u.openx.net/w/1.0/ Frame 42FA
870 B
550 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6888385888
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b5d936e8f69e1be113998144e31013a6796c748b3934aad2fa9b54c35955bf9a

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
531
content-type
text/html
date
Sun, 19 Nov 2023 08:20:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AB35
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6888385888
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.136.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-136-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=72728
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 19 Nov 2023 08:20:01 GMT
expires
Mon, 20 Nov 2023 04:32:09 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D8C5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6888385888
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Nov 2023 08:20:01 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 19 Nov 2023 08:20:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/ Frame 8B83
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HrmzhQZHj9hnad-STX6DT5p8
95 B
366 B
Image
General
Full URL
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HrmzhQZHj9hnad-STX6DT5p8
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6888385888
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Sun, 19 Nov 2023 08:20:01 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HrmzhQZHj9hnad-STX6DT5p8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame 8B83
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
  • https://sync.smartadserver.com/getuid?url=https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/&cklb=1
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=4056922767116350335
95 B
360 B
Image
General
Full URL
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=4056922767116350335
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6888385888
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=4056922767116350335
date
Sun, 19 Nov 2023 08:20:01 GMT
content-length
0
/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame 8B83
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=1226190852069536688&gdpr=0&gdpr_consent=
95 B
360 B
Image
General
Full URL
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=1226190852069536688&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6888385888
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
an-x-request-uuid
0adabffb-f7f8-4a58-993a-c3cc8319a99e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=1226190852069536688&gdpr=0&gdpr_consent=
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/ Frame 8B83
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=a902f120-5231-4d73-bf4d-b35c5110e8f0
95 B
372 B
Image
General
Full URL
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=a902f120-5231-4d73-bf4d-b35c5110e8f0
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6888385888
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=a902f120-5231-4d73-bf4d-b35c5110e8f0
date
Sun, 19 Nov 2023 08:20:01 GMT
server
Kestrel
content-length
239
/
sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/ Frame 8B83
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=d4acb1d937222a5837ee72bd9fa80b7b
95 B
370 B
Image
General
Full URL
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=d4acb1d937222a5837ee72bd9fa80b7b
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6888385888
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

date
Sun, 19 Nov 2023 08:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=d4acb1d937222a5837ee72bd9fa80b7b
access-control-allow-credentials
true
cf-ray
828708148ffc3739-YYZ
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
track.adform.net/Serving/Cookie/ Frame 4FD2
91 B
636 B
Script
General
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2936275069
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
54543d4f0097145efe0383890d385a073eb5a36d04fb57a8655a80301da4f171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
199
expires
-1
usync.html
eus.rubiconproject.com/ Frame A2A4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2936275069
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Nov 2023 08:20:01 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 19 Nov 2023 08:20:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/ Frame 4FD2
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=d0a86189e3414fbdc46cbde9551da18d
95 B
370 B
Image
General
Full URL
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=d0a86189e3414fbdc46cbde9551da18d
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2936275069
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

date
Sun, 19 Nov 2023 08:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=d0a86189e3414fbdc46cbde9551da18d
access-control-allow-credentials
true
cf-ray
828708148ffd3739-YYZ
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/ Frame 4FD2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/richaudience&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAGSDE7Ks4oAABbcxTk8jg
95 B
364 B
Image
General
Full URL
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAGSDE7Ks4oAABbcxTk8jg
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2936275069
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAGSDE7Ks4oAABbcxTk8jg
Date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
285.gif
id5-sync.com/k/ Frame 4FD2
Redirect Chain
  • https://id5-sync.com/s/286/9.gif?puid=c54ac035-593a-4346-b594-0zz1700381999&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opi...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEC_R6Uk7utAV2FxlJ4gVVLQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1226190852069536688&opid=apx&ops=&utidl=tech:goo:CAESEC_R6Uk7utAV2FxlJ4gVVLQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A54439845909&gdpr=0&gdpr_consent=&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-3dc49VhND7ObvzVLuuPvi6zyVn_Augu4CEDPTwZKGw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-3dc49VhND7ObvzVLuuPvi6zyVn_Augu4CEDPTwZKGw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F124%2F7%2F3.gif%3Fp...
  • https://id5-sync.com/cq/286/124/7/3.gif?puid=a44467ef-dd25-4451-baed-215ff6a239d0&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-3dc49VhND7ObvzVLuuPvi6zyVn_Augu4CEDPTwZKGw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F916%2F6%2F4.gif%3Fpuid%3...
  • https://id5-sync.com/cq/286/916/6/4.gif?puid=a44467ef-dd25-4451-baed-215ff6a239d0&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F821%2F5%2F5.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/286/821/5/5.gif?puid=5ef92594-467a-4058-a037-eaab902573d2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F104%2F4%2F6.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/286/104/4/6.gif?puid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F136%2F3%2F7.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/286/136/3/7.gif?puid=ZVnFLgAAwxOjbgBH&gdpr=0&gdpr_consent=
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=LP57JAYC-21-7NJN&gdpr=0
0
0

/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame 4FD2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=c54ac035-593a-4346-b594-0zz1700381999
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Drichaudience%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=richaudience&user_id=k-zDg8eHLzBWxexl5tU55l5r5f9eUN6EFePxpV0A&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&us_ps=
95 B
372 B
Image
General
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&us_ps=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2936275069
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&us_ps=
Date
Sun, 19 Nov 2023 08:20:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/28c494da87ff99969927ac34ba30adbe/ Frame 4FD2
Redirect Chain
  • https://cs.admanmedia.com/94dcde452288200d4a351d837ab898ca.gif?puid=c54ac035-593a-4346-b594-0zz1700381999&redir=https%3A%2F%2Fsync.richaudience.com%2F28c494da87ff99969927ac34ba30adbe%2F%3Fuid%3D%5B...
  • https://sync.richaudience.com/28c494da87ff99969927ac34ba30adbe/?uid=da282d1f-7575-48d5-bbfc-5e3794a4f214
95 B
374 B
Image
General
Full URL
https://sync.richaudience.com/28c494da87ff99969927ac34ba30adbe/?uid=da282d1f-7575-48d5-bbfc-5e3794a4f214
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2936275069
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:20:01 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.richaudience.com/28c494da87ff99969927ac34ba30adbe/?uid=da282d1f-7575-48d5-bbfc-5e3794a4f214
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
usermatch
ssum-sec.casalemedia.com/ Frame C40E
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=566725208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d46788d01c1ef24e0b474623843a6d280091ed24685343e8398493ab7b400f5

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82870812f83636fc-YYZ
content-encoding
br
content-type
text/html
date
Sun, 19 Nov 2023 08:20:01 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4e1t3PqcUb0xM7TQ81eIAuqbL2vbzXmbhGdEvDd%2B4IVuWPtR2h0YuDgOCzedijArdcKW8tQq8T3tJfJyBDOTXwMBBgaO6MH40cStcI9A5yMXFf9SE3a8x7Y4vnRGdUPk%2BUqnKb8NU9CGxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
track.adform.net/Serving/Cookie/ Frame 93DB
91 B
636 B
Script
General
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=566725208
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
54543d4f0097145efe0383890d385a073eb5a36d04fb57a8655a80301da4f171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
199
expires
-1
cm
us-u.openx.net/w/1.0/ Frame 64E2
870 B
550 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=566725208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b5d936e8f69e1be113998144e31013a6796c748b3934aad2fa9b54c35955bf9a

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
531
content-type
text/html
date
Sun, 19 Nov 2023 08:20:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3069
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=566725208
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.136.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-136-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=72728
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 19 Nov 2023 08:20:01 GMT
expires
Mon, 20 Nov 2023 04:32:09 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A521
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=566725208
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Nov 2023 08:20:01 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 19 Nov 2023 08:20:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame 93DB
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
  • https://sync.smartadserver.com/getuid?url=https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/&cklb=1
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=4056922767116350335
95 B
360 B
Image
General
Full URL
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=4056922767116350335
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=566725208
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=4056922767116350335
date
Sun, 19 Nov 2023 08:20:00 GMT
content-length
0
token
token.rubiconproject.com/ Frame 93DB
Redirect Chain
  • https://id5-sync.com/s/286/9.gif?puid=c54ac035-593a-4346-b594-0zz1700381999&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/286/19/8/2.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/286/19/8/2.gif?puid=103a4eb2b48ab6d079714013a2e45a10&gdpr=0&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opi...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEC_R6Uk7utAV2FxlJ4gVVLQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1226190852069536688&opid=apx&ops=&utidl=tech:goo:CAESEC_R6Uk7utAV2FxlJ4gVVLQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A54439845909&gdpr=0&gdpr_consent=&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F821%2F6%2F4.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/286/821/6/4.gif?puid=5ef92594-467a-4058-a037-eaab902573d2&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-3dc49VhND7ObvzVLuuPvi6zyVn_Augu4CEDPTwZKGw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F916%2F5%2F5.gif%3Fpuid%3...
  • https://id5-sync.com/cq/286/916/5/5.gif?puid=a44467ef-dd25-4451-baed-215ff6a239d0&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F826%2F4%2F6.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F826%2F4%2F6.gif%3Fpuid...
  • https://id5-sync.com/c/286/826/4/6.gif?puid=a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F136%2F3%2F7.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/286/136/3/7.gif?puid=ZVnFLgAAwxOjbgBH&gdpr=0&gdpr_consent=
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
0
0

/
sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/ Frame 93DB
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=a9e604654e5576fabc5eb47b9960a7a2
95 B
370 B
Image
General
Full URL
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=a9e604654e5576fabc5eb47b9960a7a2
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=566725208
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

date
Sun, 19 Nov 2023 08:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=a9e604654e5576fabc5eb47b9960a7a2
access-control-allow-credentials
true
cf-ray
828708148ffb3739-YYZ
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
track.adform.net/Serving/Cookie/ Frame 1BA5
91 B
636 B
Script
General
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2850261077
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
54543d4f0097145efe0383890d385a073eb5a36d04fb57a8655a80301da4f171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
199
expires
-1
cm
us-u.openx.net/w/1.0/ Frame B6C2
870 B
550 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2850261077
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b5d936e8f69e1be113998144e31013a6796c748b3934aad2fa9b54c35955bf9a

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
531
content-type
text/html
date
Sun, 19 Nov 2023 08:20:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame 1BA5
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
  • https://sync.smartadserver.com/getuid?url=https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/&cklb=1
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=4056922767116350335
95 B
360 B
Image
General
Full URL
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=4056922767116350335
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2850261077
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=4056922767116350335
date
Sun, 19 Nov 2023 08:20:01 GMT
content-length
0
/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame 1BA5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=c54ac035-593a-4346-b594-0zz1700381999
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Drichaudience%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=richaudience&user_id=k-zDg8eHLzBWxexl5tU55l5r5f9eUN6EFePxpV0A&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&us_ps=
95 B
372 B
Image
General
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&us_ps=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2850261077
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=30b13ab7-dbc6-4eff-9e07-01119cc841d7&gdpr=0&gdpr_consent=&us_ps=
Date
Sun, 19 Nov 2023 08:20:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/ Frame 1BA5
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=8f2dba26f31170c22b63635a57d8ec51
95 B
369 B
Image
General
Full URL
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=8f2dba26f31170c22b63635a57d8ec51
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2850261077
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

date
Sun, 19 Nov 2023 08:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=8f2dba26f31170c22b63635a57d8ec51
access-control-allow-credentials
true
cf-ray
828708148fff3739-YYZ
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Pug
simage2.pubmatic.com/AdServer/ Frame 0F43
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=854172919370
42 B
287 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=854172919370
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:20:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=854172919370
Pug
simage2.pubmatic.com/AdServer/ Frame 51A8
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 19 Nov 2023 08:20:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 19 Nov 2023 08:20:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cm
ipac.ctnsnet.com/int/ Frame C011
43 B
368 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 19 Nov 2023 08:20:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
/
onetag-sys.com/match/ Frame 3E79
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fe226559-c52a-4300-b170-b415135d8eeb&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
0
340 B
Document
General
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
157
content-type
text/html; charset=utf-8
date
Sun, 19 Nov 2023 08:20:01 GMT
location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 75AA
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HdVbeLARDSaqK9F9MsVZZQ
42 B
278 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HdVbeLARDSaqK9F9MsVZZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:20:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sun, 19 Nov 2023 08:20:02 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HdVbeLARDSaqK9F9MsVZZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 7EF7
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8874850671
  • https://sync.1rx.io/usersync/tradedesk/a902f120-5231-4d73-bf4d-b35c5110e8f0
  • https://sync.targeting.unrulymedia.com/csync/RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005
42 B
332 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:20:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Sun, 19 Nov 2023 08:20:01 GMT
ETag
RXdacc658d55c34b1a9a355253d202203c005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
cookiesync
core.iprom.net/ Frame 0AB0
43 B
277 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 19 Nov 2023 08:20:01 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-16010a89946d@version_1.576
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 1360
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 19 Nov 2023 08:20:01 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
/
onetag-sys.com/match/ Frame 2643
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:80F0BBA4FA7E41C0BC939AA6389B762B&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
0
340 B
Document
General
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
157
content-type
text/html; charset=utf-8
date
Sun, 19 Nov 2023 08:19:59 GMT
location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 09E6
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7536684011275270728&uid=Q753668401127527...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7536684011275270728
42 B
95 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7536684011275270728
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 19 Nov 2023 08:20:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=70541
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Sun, 19 Nov 2023 08:20:02 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7536684011275270728
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
/
sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/ Frame 3ABA
0
373 B
Document
General
Full URL
https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=0&taboola_hm=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&orig=video&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
date
Sun, 19 Nov 2023 08:20:01 GMT
server
nginx
x-fastly-to-nlb-rtt
45655
insync
thrtle.com/ Frame C96B
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&vxii_pid=12&vxii_pid1=10067&vxii_rcid=d302d3ed-0378-40e0-a01b-29c43ed58568
43 B
295 B
Image
General
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&vxii_pid=12&vxii_pid1=10067&vxii_rcid=d302d3ed-0378-40e0-a01b-29c43ed58568
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
3.228.65.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-65-117.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sun, 19 Nov 2023 08:20:01 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&vxii_pid=12&vxii_pid1=10067&vxii_rcid=d302d3ed-0378-40e0-a01b-29c43ed58568
date
Sun, 19 Nov 2023 08:20:01 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame C96B
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame C96B
43 B
359 B
Image
General
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.50.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-50-245.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame C96B
0
425 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=187&uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.82.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-82-255.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 19 Nov 2023 08:20:01 GMT
52154.gif
idsync.rlcdn.com/ Frame C40E
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVnFMMY0.-GtZegaNPpQrAAA%261384&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVnFMMY0.-GtZegaNPpQrAAA%261384&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8a6f98d1b20f4c81a08da7796064d9d7
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3252457447538295465
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=8a6f98d1-b20f-4c81-a08d-a7796064d9d7
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b344e16e-9701-4294-a0cf-f17917cc3712%3A1700382002.9722192&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db344e16e-9701-4294-a0cf-f17917c...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=970033169764266234&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db344e16e-9701-4294-a0c...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b344e16e-9701-4294-a0cf-f17917cc3712%3A1700382002.9722192&_=1700382002.974679
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1226190852069536688
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1226190852069536688
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:03 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:03 GMT
an-x-request-uuid
1b8a893f-7ad7-46f2-974f-70a9713ce308
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1226190852069536688
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C40E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVnFMMY0-_GtZegaNPpQrAAABWgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEC_qL0GHNjJbpVIP2OxiBmE&google_cver=1
43 B
765 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEC_qL0GHNjJbpVIP2OxiBmE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coRn8CGKMtMcaq2cpq%2B5ParSh%2BtFf4cf%2Brqht8U2Lq9VpoShvBNJxUd48yA0vMJYtaGmLU1ulk7qqpk3lntuM5Zk0FwS2Q43ny9208ZmX70XG2hocE8ivfg0mZfWg2jvPESIcw2zB0JFfw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
828708145fac54a3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEC_qL0GHNjJbpVIP2OxiBmE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C40E
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVnFMMY0-_GtZegaNPpQrAAABWgAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 08:20:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9748PWTVCXT8DQBWM44M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C40E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVnFMMY0.-GtZegaNPpQrAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB3UMxoO_YJ1umBU4a_CnTc&google_cver=1&google_hm=2
43 B
731 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB3UMxoO_YJ1umBU4a_CnTc&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F65s627wI6kbdyk%2FYfSfHGT03vEQa2mRvbCwFVm5AwWVQAMT4bfDrMwp1n43sv1utrnKIgdYaUPmxc1UVNrve8u9rENV1j57wM5CZLgRiswtJG5mXKPfY3sCcRoHMLZrBkT%2Furkvqk9%2BIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82870814ffe554a3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB3UMxoO_YJ1umBU4a_CnTc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C40E
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=313ad0d2f7434fadaf23b0d54669ccdc&expiration=1702974001
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=313ad0d2f7434fadaf23b0d54669ccdc&expiration=1702974001
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwHlW54yRvu851Wu9dovBjdS9xDAFg8FIWzrqolRMOY3qGr4%2FaN9sw%2BQxi0Io72IvfUVkQVVkrup2iuHR%2BxUtfSkKxclfyL5iGaRE8Eg%2Bn9qHNmBPEAK%2F1lamwVwAnlhVlQ%2BwD6T1fazBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82870816286f54a3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:00 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=313ad0d2f7434fadaf23b0d54669ccdc&expiration=1702974001
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C40E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZVnFLgAAwxOjbgBH
43 B
337 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZVnFLgAAwxOjbgBH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2mJhtatPtZXioRwqT2sRt3LrwZyou4UGy276pQzgQjljSBc8olHUcWgUkEnV2W4IhH1sjUI8KK8u%2B2cvdvwRq67IadVr4ltTA7nGU%2BgXppQR5ozGpVSy%2Fr%2B4MCOV63ePQuozgH1CHR7iA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82870814292136fc-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-yyz4568-YYZ
pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700382001.226635,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZVnFLgAAwxOjbgBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame C40E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGSDE7Ks4oAABbcxTk8jg&expiration=1701591601
43 B
332 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGSDE7Ks4oAABbcxTk8jg&expiration=1701591601
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evH9xwm%2BcLu9uXQH%2FuTVT7r%2BWvMftmzER9o2931%2B2DOwrbQYdZfkJ2g3B2E9YBzsO%2BDb3R8z%2FPzDf%2BsuaXikpwIn%2FQJQiZe3m1iStTaJNreT8l2xfUaYs1PKJXhnoDQf83WumAxuSlddGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82870814594536fc-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGSDE7Ks4oAABbcxTk8jg&expiration=1701591601
Date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame C40E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVnFMMY0.-GtZegaNPpQrAAA%261384
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVnFMMY0.-GtZegaNPpQrAAA%261384&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=K8uT7T76qPzi5L74PwEp6TiF3g3rG--bPTWaxFB8edw&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVnFMMY0.-GtZegaNPpQrAAA%261384&tc=1
43 B
743 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=K8uT7T76qPzi5L74PwEp6TiF3g3rG--bPTWaxFB8edw&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVnFMMY0.-GtZegaNPpQrAAA%261384&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Js1zjhFNyjKX6B%2BzKMNP%2F1bEvfk1o6L0PGg0C%2FcUtOtfuyC6zAhP31tlSGNM7aQU4wHPyXrQ%2FKo%2BAvxgU%2F%2FN4UwOb%2BzF7V7ExLZ7y5Bb7wr%2Bwg4mSLU68GtqpHpEx64FRl6oUMzLa8%2FjNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82870819d9e754a3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=K8uT7T76qPzi5L74PwEp6TiF3g3rG--bPTWaxFB8edw&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVnFMMY0.-GtZegaNPpQrAAA%261384&tc=1
pragma
no-cache
date
Sun, 19 Nov 2023 08:20:02 GMT, Sun, 19 Nov 2023 08:20:02 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync.richaudience.com/2066127a3f7c6635eb4f6cac536feb5a/ Frame C40E
95 B
374 B
Image
General
Full URL
https://sync.richaudience.com/2066127a3f7c6635eb4f6cac536feb5a/?uid=ZVnFMMY0-_GtZegaNPpQrAAABWgAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/ Frame 64E2
95 B
374 B
Image
General
Full URL
https://sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/?uid=d274765e-b7ed-4cab-b002-f49744d1b77b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
receive
pixel.tapad.com/idsync/ex/ Frame 64E2
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=36a74c48-b4d4-465a-a1de-e17a5a1a153d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame 64E2
0
374 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=1e1dbc3d-37b9-4194-b818-b8a6fe352058
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
362358.gif
idsync.rlcdn.com/ Frame 64E2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=651f40d2-2294-4dbd-b446-f95f500db5e9
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEAq9u51Yh0skfrkeLssVy4&google_cver=1
42 B
320 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEAq9u51Yh0skfrkeLssVy4&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEAq9u51Yh0skfrkeLssVy4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 64E2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1226190852069536688
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1226190852069536688
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
an-x-request-uuid
f4eaf8b4-ebe8-4a95-bf1d-cc265c95d72e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1226190852069536688
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 64E2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 19 Nov 2023 08:20:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 64E2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVnFLgAAwxOjbgBH
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVnFLgAAwxOjbgBH
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4568-YYZ
pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700382001.289640,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVnFLgAAwxOjbgBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/ Frame 42FA
95 B
374 B
Image
General
Full URL
https://sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/?uid=d274765e-b7ed-4cab-b002-f49744d1b77b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
receive
pixel.tapad.com/idsync/ex/ Frame 42FA
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=36a74c48-b4d4-465a-a1de-e17a5a1a153d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame 42FA
0
17 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=1e1dbc3d-37b9-4194-b818-b8a6fe352058
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame 42FA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=651f40d2-2294-4dbd-b446-f95f500db5e9
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ac6e9f22e8238f1861581d9cd41a6746b285b100e688d5fe4024fc64404cdb03791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhYzZlOWYyMmU4MjM4ZjE4NjE1ODFkOWNkNDFhNjc0NmIyODViMTAwZTY4OGQ1ZmU0MDI0ZmM2NDQwNGNkYjAzNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhYzZlOWYyMmU4MjM4ZjE4NjE1ODFkOWNkNDFhNjc0NmIyODViMTAwZTY4OGQ1ZmU0MDI0ZmM2NDQwNGNkYjAzNzkxNDI2YjU0MTdkY2UyMRAAGgwIsYrnqgYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=ed566181-d73f-4acf-9d6c-4b77f3933c39
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=ed566181-d73f-4acf-9d6c-4b77f3933c39
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:02 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 19 Nov 2023 08:20:02 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=ed566181-d73f-4acf-9d6c-4b77f3933c39
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
sd
us-u.openx.net/w/1.0/ Frame 42FA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1226190852069536688
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1226190852069536688
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
an-x-request-uuid
d2756e84-b7b1-4afc-af43-7e040e147706
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1226190852069536688
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 42FA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 19 Nov 2023 08:20:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 42FA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVnFLgAAwxOjbgBH
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVnFLgAAwxOjbgBH
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4568-YYZ
pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700382001.293837,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVnFLgAAwxOjbgBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/ Frame B6C2
95 B
374 B
Image
General
Full URL
https://sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/?uid=d274765e-b7ed-4cab-b002-f49744d1b77b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
receive
pixel.tapad.com/idsync/ex/ Frame B6C2
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=36a74c48-b4d4-465a-a1de-e17a5a1a153d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame B6C2
0
17 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=1e1dbc3d-37b9-4194-b818-b8a6fe352058
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame B6C2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=651f40d2-2294-4dbd-b446-f95f500db5e9
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=651f40d2-2294-4dbd-b446-f95f500db5e9
42 B
309 B
Image
General
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=651f40d2-2294-4dbd-b446-f95f500db5e9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 19 Nov 2023 08:20:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=651f40d2-2294-4dbd-b446-f95f500db5e9
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame B6C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1226190852069536688
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1226190852069536688
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
an-x-request-uuid
02d51ba0-4340-407d-a533-7d0d37a63a60
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1226190852069536688
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B6C2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3252457447538295465&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 19 Nov 2023 08:20:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame B6C2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVnFLgAAwxOjbgBH
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVnFLgAAwxOjbgBH
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4568-YYZ
pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700382001.293810,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVnFLgAAwxOjbgBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/ Frame 93DB
95 B
360 B
Image
General
Full URL
https://sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/?uid=383984206483609004
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=566725208
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=566725208
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
usync.js
eus.rubiconproject.com/ Frame A2A4
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fa22e4ec07e2727d4d4bc2256e84153b63d770671f776e9bc3e465d40955fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:20:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Nov 2023 05:55:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77665
Connection
keep-alive
Content-Length
13230
Expires
Mon, 20 Nov 2023 05:54:26 GMT
usync.js
eus.rubiconproject.com/ Frame D8C5
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fa22e4ec07e2727d4d4bc2256e84153b63d770671f776e9bc3e465d40955fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:20:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Nov 2023 05:55:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77665
Connection
keep-alive
Content-Length
13230
Expires
Mon, 20 Nov 2023 05:54:26 GMT
/
sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/ Frame 4FD2
95 B
360 B
Image
General
Full URL
https://sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/?uid=383984206483609004
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2936275069
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2936275069
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
usync.js
eus.rubiconproject.com/ Frame A521
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fa22e4ec07e2727d4d4bc2256e84153b63d770671f776e9bc3e465d40955fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:20:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Nov 2023 05:55:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77665
Connection
keep-alive
Content-Length
13230
Expires
Mon, 20 Nov 2023 05:54:26 GMT
khaos.json
token.rubiconproject.com/ Frame A2A4
7 B
798 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LP57JAYC-21-7NJN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
Expires
0
/
sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/ Frame 1BA5
95 B
360 B
Image
General
Full URL
https://sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/?uid=383984206483609004
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2850261077
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2850261077
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
khaos.json
token.rubiconproject.com/ Frame D8C5
7 B
798 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LP57JAYC-21-7NJN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
574abe46412f7df61ec8713ff1a5b646
Expires
0
/
sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/ Frame A2A4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr=0&gdpr_consent=&gdpr=0&khaos=LP57JAYC-21-7NJN
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LP57JAYC-21-7NJN&gdpr=0
95 B
360 B
Image
General
Full URL
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LP57JAYC-21-7NJN&gdpr=0
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2936275069
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Sun, 19 Nov 2023 08:14:24 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LP57JAYC-21-7NJN&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
khaos.json
token.rubiconproject.com/ Frame A521
7 B
798 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LP57JAYC-21-7NJN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
async_usersync
ib.adnxs.com/ Frame 7846
0
595 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
an-x-request-uuid
4764996f-baa4-4a6f-a198-7a756107938b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AA6E
0
595 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:01 GMT
an-x-request-uuid
dc107ff4-c1fb-45c6-b8bc-3b1def59ec1a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.186; 70.25.255.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
OpportunityServlet
ch-vid-events.taboola.com/
1 B
120 B
Ping
General
Full URL
https://ch-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:20:01 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
371.json
id5-sync.com/g/v2/ Frame 06EB
598 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
551306234d9946712a8a723c859ae564f39848aafce51ff78c25cb1ae0842554
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
371.json
id5-sync.com/g/v2/ Frame F0F7
598 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
04e2ecf680f823bc9e6f00b5a109427b33897f373fc069fb515305ecf67fc901
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
371.json
id5-sync.com/g/v2/ Frame 357E
598 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
ac3823427caf793cc128de0953717514b32475897dfaae29355110c69a578ec5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
371.json
id5-sync.com/g/v2/ Frame FF48
598 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
dee32c544c24688ffa777c45da3380a2caba8029e1b91d92d34b10b8cfecf881
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://valor.globo.com
date
Sun, 19 Nov 2023 08:20:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
VideoBidRequestHandlerServlet
ch-wf.taboola.com/
3 KB
1 KB
XHR
General
Full URL
https://ch-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=402&height=226&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700382001953&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1573&pt=-121778050&tz=-480&viewable=true&ddast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2768345&dpubid=375975&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vA!uftchrwf_vC!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fvalor.globo.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6ac23a2c3debd2714f1b1c1a38978aaca953d73d8cdf399262b0c0db1eac15b8

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:02 GMT
content-encoding
gzip
server
nginx
machineid
1854
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1161
692 B
1007 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89818586&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
450e63e973d0f13d050e0668366079203ff6a3029b4d8a101d06fd606284adc5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 19 Nov 2023 08:20:02 GMT
content-length
692
content-type
text/html; charset=UTF-8
cookiesyncendpoint
sync.aniview.com/ Frame 46F3
0
293 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=1&key=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Sun, 19 Nov 2023 08:20:02 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 1161
0
363 B
Image
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent=
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.231.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-231-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:02 GMT
x-clacks-overhead
GNU Terry Pratchett
x-adswizz-request-id
034a1445-934b-445d-b6bd-024b1b1f847a
Connection
keep-alive
Content-Length
0
x-application-context
application:production
liveramp.com
pippio.com/api/ Frame 1161
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent=
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ac6e9f22e8238f1861581d9cd41a6746b285b100e688d5fe4024fc64404cdb03791426b5417dce21&_=2
  • https://pippio.com/api/liveramp.com
0
0
Image
General
Full URL
https://pippio.com/api/liveramp.com
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date
Sun, 19 Nov 2023 08:20:02 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
liveramp.com
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6/gdpr=0/ Frame 1161
49 B
265 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6/gdpr=0/gdpr_consent=
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.145.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-145-128.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.56.242
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 1161
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&gdpr=0&gdpr_consent=
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:02 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
__activity.gif
query.petametrics.com/v3/2v84n8g15c1895dv/1fc79c4b-f1c5-4b92-ff1e-9ae2161eba9a/
35 B
94 B
Image
General
Full URL
https://query.petametrics.com/v3/2v84n8g15c1895dv/1fc79c4b-f1c5-4b92-ff1e-9ae2161eba9a/__activity.gif?e=stuck_10s&ct=Receita+exige+IRRF+sobre+direitos+credit%C3%B3rios&ccu=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&tspl=14535&blst=3923&ist=4529&iet=4535&bdst=3923&bdet=4521&bcttt=14&ts=1700382003065&jsk=2v84n8g15c1895dv&jsv=20231116&cu=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&uid=1fc79c4b-f1c5-4b92-ff1e-9ae2161eba9a&sid=629e4355-c08a-4859-b912-e9ff89f8eb04&pvid=12a5c39c-fe1d-47ad-d7e9-df74ef8b8aeb&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.159+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&sdk=bc-pixel
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 19 Nov 2023 08:20:03 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame C96B
0
127 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156307&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:20:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-47NEHP2QTX&gtm=45je3b81v880470818z8893763177&_p=1700381992640&gcd=11l1l1l1l1&dma=0&cid=2088517343.1700381993&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1700381995&sct=1&seg=0&dl=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&dt=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%20%7C%20Legisla%C3%A7%C3%A3o%20%7C%20Valor%20Econ%C3%B4mico&_s=2&tfd=14795
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-47NEHP2QTX&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ Frame 357E
0
145 B
Ping
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=valor.globo.com&rs=valor.globo.com&sid=10917&t=1700381998&cip=70.25.255.186&sn=&tgt=1&osv=10&bv=119.0&brn=Chrome&wi=402&he=226&app=&AV_PUBLISHERID=621cca388ba47d78a102e506&test=&d64=6c6d8dac166a86836758fbaaf721c223&d63=6c6d8dac166a86836758fbaaf721c223&aafaid=&proto=https&uid=1700381998338-172029205070-000676-010-005146&cha=0.05&stagid=&stplid=&d35=&d36=6.2.141&cb=68757788071&d39=&d65=&d66=&d74=&d56=&apppkg=&d9=0000&d37=realtime&d65=IntentIQ&AV_WIDTH=402&AV_HEIGHT=226
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 19 Nov 2023 08:20:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
img
pixel.mathtag.com/comp/
0
502 B
Image
General
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=1
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.87.84.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-84-208.deploy.static.akamaitechnologies.com
Software
MT3 1075 283b7e3 master iad iad-pixel-x13 config_version:"455" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:20:04 GMT
Server
MT3 1075 283b7e3 master iad iad-pixel-x13 config_version:"455"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Sun, 19 Nov 2023 08:20:03 GMT
track
track1.aniview.com/ Frame F0F7
0
145 B
Ping
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=valor.globo.com&rs=valor.globo.com&sid=39901&t=1700381998&cip=70.25.255.186&sn=&tgt=1&osv=10&bv=119.0&brn=Chrome&wi=402&he=226&app=&AV_PUBLISHERID=621cca388ba47d78a102e506&test=&d64=5b379e0766a8de23d91e6103bd68bced&d63=5b379e0766a8de23d91e6103bd68bced&aafaid=&proto=https&uid=1700381998339-172030149016-000154-000-000801&cha=0.7&stagid=&stplid=&d35=&d36=6.2.141&cb=82309536504&d39=&d65=&d66=&d74=&d56=&apppkg=&d9=0000&d37=realtime&d65=IntentIQ&AV_WIDTH=402&AV_HEIGHT=226
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 19 Nov 2023 08:20:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ Frame FF48
0
145 B
Ping
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=valor.globo.com&rs=valor.globo.com&sid=82606&t=1700381998&cip=70.25.255.186&sn=&tgt=1&osv=10&bv=119.0&brn=Chrome&wi=402&he=226&app=&AV_PUBLISHERID=621cca388ba47d78a102e506&test=&d64=2adb7b1abb1e1176cb51736c84d4e402&d63=2adb7b1abb1e1176cb51736c84d4e402&aafaid=&proto=https&uid=1700381998034-172029210077-000611-009-006207&cha=0.05&stagid=&stplid=&d35=&d36=6.2.141&cb=91706600906&d39=&d65=&d66=&d74=&d56=&apppkg=&d9=0000&d37=realtime&d65=IntentIQ&AV_WIDTH=402&AV_HEIGHT=226
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 19 Nov 2023 08:20:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
img
pixel.mathtag.com/comp/ Frame 8A5B
0
502 B
Image
General
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=1
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.87.84.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-84-208.deploy.static.akamaitechnologies.com
Software
MT3 1075 283b7e3 master iad iad-pixel-x18 config_version:"455" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=fe226559-c52a-4300-b170-b415135d8eeb&no_iframe=1&mt_adid=225031&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:20:04 GMT
Server
MT3 1075 283b7e3 master iad iad-pixel-x18 config_version:"455"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Sun, 19 Nov 2023 08:20:03 GMT
track
track1.aniview.com/ Frame 06EB
0
145 B
Ping
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=valor.globo.com&rs=valor.globo.com&sid=36071&t=1700381998&cip=70.25.255.186&sn=&tgt=1&osv=10&bv=119.0&brn=Chrome&wi=402&he=226&app=&AV_PUBLISHERID=621cca388ba47d78a102e506&test=&d64=792b6655d4d6ae52f9bbf0e4480bd08d&d63=792b6655d4d6ae52f9bbf0e4480bd08d&aafaid=&proto=https&uid=1700381998341-172027074059-000843-013-006362&cha=0.7&stagid=&stplid=&d35=&d36=6.2.141&cb=12524547308&d39=&d65=&d66=&d74=&d56=&apppkg=&d9=0000&d37=realtime&d65=IntentIQ&AV_WIDTH=402&AV_HEIGHT=226
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 19 Nov 2023 08:20:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
valor
horizon-track.globo.com/event/
0
334 B
Ping
General
Full URL
https://horizon-track.globo.com/event/valor
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/85725c46f1bcc1991d1953a008c08562.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarySf6zs6BoFOBwAjDk

Response headers

date
Sun, 19 Nov 2023 08:20:04 GMT
x-served-from
hzt-tsuru
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://valor.globo.com
access-control-allow-credentials
true
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,ADVERTISING_ID,EXT_ID,globoId
content-length
0
/
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame 9069
0
482 B
Document
General
Full URL
https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 08:14:27 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.4
/
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame 5D53
0
482 B
Document
General
Full URL
https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 08:14:27 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.4
/
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame A360
0
482 B
Document
General
Full URL
https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 08:14:27 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.4
/
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame 4CE1
0
482 B
Document
General
Full URL
https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 08:14:27 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.4
cookiesyncendpoint
sync.aniview.com/ Frame 6F5D
0
293 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1700381998338-172029205070-000676-010-005146&biddername=1&key=23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1700381998338-172029205070-000676-010-005146%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Sun, 19 Nov 2023 08:20:05 GMT
VideoBidRequestHandlerServlet
ch-wf.taboola.com/
3 KB
1 KB
XHR
General
Full URL
https://ch-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=402&height=226&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700382006953&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1573&pt=-121778050&tz=-480&viewable=true&ddast=V8vBECLAaYSC8i9CD1uxIwkV5E6EHqdy0AAABgYED8AEltJsOVZ2Nay1yDyVq03C3XCsvK5hZMbKONbWFZLCfGISCpzWS48mxMa5lrMFmLlrvlWmFZ2dyCiW20sS0si-XEOAUYwjL7fQcF5fT0mF0GUdH1ttgdTrPnDfTQdDp8rnu97GH2W-46s9_it2v8br_Y5XN6zg6Pw--X-01Pj9Phlwwmm71guVeM9pKXx-U0Pdwq49Pncistl5tb87dYXm6R0_Jymv6et8byMjlNf8vT77nrjKa32b86vf1tl8npertXbofTbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAmGwQiA45ILTfbrq8HGZ_AAAAAAABAAAAQAKggPe0BIBKT_aJ__________8YA_SZNzL-____byz0AHjwAfAgBAAA4GIIKSId6LLvLTKRg6MijAAAAAAYZfzrHpmkE1Qsqvz___dbAbgCABCwaK7q8phFd1DiLQwAAIDBmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCNgAAaYQnZ2bU_AICAKz5BQQAYKNuAADeBMAJOgStGAxWRyEmi8lmMFkul7MDAAAAcOf___9fD4iZdgvPxDdyuRYTx8q3WUwMI4tzMRkMR4uFcznZniZ661nWbvzxPhjCMvt9BwXl9PSYXQZR0fW22B1Os-d-JmwxWk0mm-VwtlxMBsPRcDTan4FYLAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB5MjksHhGhrVk4fGsRYPVYi1xmWZukckzmcxmG89sMlyLXh_Tx7UZLRwOLxIMuNuL5GmRTjSW5WC28IxWHsfKtpyZNpOVZbdZLBwzi2FiGUwmYonmZJFOZJd9zbRbeCa-kcu1mDhWvs1iYhhZnIvJYDhaLJzLyb45MjksnpFhLVl4PGvRYLVYS1ymmVtk8kwms9nGM5sM16LXx_RxbUYLh8Pf2A0Gm-FiuRztG7vBYDNcLJejfYfO8F19zkbV9pzy2LSP48xrqzkNCpfB4l2pTittQXLQZq8ip0szUxZ1Rr_f7_f7_X6_3-83aD0Hs0HhO31bRt9Nd11Np9XHwaKIJYKLdKIyOU1_y8Nn9lv8btnD7Le8PH673-30-C1iidJ0kU70YpfP6Tk7PA6_X-43PT1Oh18ymGz2guVeMdpLXh6X0_Rwq4xPn8uttFxubs3fYnm5RU7Ly2n6e94ay8vkNP0tT7_nrjOa3maLWCI4XaQT0ct4uqj_qOEGc8lqLlmt5orhbJUAAAAAAAAAACzBJNNNAAAAAJwMZrda7lbrdCC72XAzWi0XgMSfo64fwiJ1dxNRsF3MLHDgdTdq-cUae2yjTE7T3_Lwmf0Wv1v2MPstL4_f7nc7PX4rA5BwE2W22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAQIIceAACA-D6gpXculHrhR34EOZyN9g9AhVir1ep2Y61WKyBBzGaDCfz___8H!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2768345&dpubid=375975&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vA!uftchrwf_vC!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fvalor.globo.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6ac23a2c3debd2714f1b1c1a38978aaca953d73d8cdf399262b0c0db1eac15b8

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:20:07 GMT
content-encoding
gzip
server
nginx
machineid
1858
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://valor.globo.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
ping
ping.chartbeat.net/
43 B
200 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=valor.com.br&p=%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml&u=BGeB4dCoKkpcBPv1-j&d=valor.globo.com&g=56624&g0=Valor%20Econ%C3%B4mico%2CLegisla%C3%A7%C3%A3o&g1=Joice%20Bacelo&n=1&f=00001&c=0.25&x=0&m=0&y=6740&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz-rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&b=6031&_m=email&_x=hs_email&_y=281529863&t=BDkgvd9rmPCC5e2oT7XYYuCMeRX5&V=141&tz=480&_acct=anon&sn=2&sv=DN-osfDqoeppDH6rdtBUcD0LDgoW3R&sd=1&im=061b9eff&_
Requested by
Host: valor.globo.com
URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.155.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-155-151.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://valor.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 19 Nov 2023 08:20:09 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
ingest.php
events.newsroom.bi/
2 B
779 B
Ping
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.95 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy07.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://valor.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Nov 2023 08:20:10 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://valor.globo.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
globo-mab.globo.com
URL
https://globo-mab.globo.com/mab/bastian-advwblt-r5:valor:desktop:multicontent:ep/chooseAndIncrement
Domain
globo-mab.globo.com
URL
https://globo-mab.globo.com/mab/bastian-advwblt-r5:valor:desktop:multicontent:dinamico/chooseAndIncrement
Domain
ivccf.ivcbrasil.org.br
URL
https://ivccf.ivcbrasil.org.br/i?stm=1700381994351&e=pv&url=https%3A%2F%2Fvalor.globo.com%2Flegislacao%2Fnoticia%2F2023%2F09%2F14%2Freceita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email&page=Receita%20exige%20IRRF%20sobre%20direitos%20credit%C3%B3rios%20%7C%20Legisla%C3%A7%C3%A3o%20%7C%20Valor%20Econ%C3%B4mico&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=27&p=web&tz=America%2FLos_Angeles&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=fbcd445b-85dc-4917-b245-ea2d184868d0&dtm=1700381994350&vp=1600x1200&ds=1600x5949&vid=1&sid=fe94a9ca-cb07-498b-abaf-5a8445ba2742&duid=fe044a31-f5ea-4626-8dc3-6e256a2fb524&fp=3468201059
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cdn.stickyadstv.com
URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1700381998447
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1580&userId=4115979473928357364007
Domain
id5-sync.com
URL
https://id5-sync.com/k/285.gif?puid=LP57JAYC-21-7NJN&gdpr=0
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

514 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| documentPictureInPicture object| cdaaas object| HorizonClient object| gptadslots object| googletag object| utag_data function| globalWebdeps object| glb object| settings function| OneSignal object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ggeac object| google_tag_data object| google_js_reporting_queue number| __oneSignalSdkLoadCount function| __jp0 undefined| google_measure_js_timing object| pbjs function| bannerLazyLoading function| disableLazyLoad function| enableLazyLoad boolean| libPubReady string| tenantId object| oidcSettings object| TESTETETE object| usrData string| $igniter_var function| $p function| translateCanonicalUrl function| trackRecommendation function| renderRecommendation function| registerRecommendation function| applyRecommendation function| recommendationTrigger object| timeout function| recommendationListener function| isMigratedContent object| el boolean| IsMigratedContent object| SETTINGS object| bstn boolean| BASTIAN_UBER_HEADLINE object| BASTIAN_INFO object| ScrollSpy object| globoPage object| regeneratorRuntime object| localStorageCache object| cq object| editoraGloboAuthenticationLib function| setImmediate function| clearImmediate object| WM function| $ function| jQuery function| changeBg function| checkIfTranslated object| horizonResources function| HorizonSendEvent function| HorizonSchedulePageLoadEvent object| glb_realtime_map function| Bastian object| LGPD number| google_unique_id object| gaGlobal object| dataLayer object| pbjsChunk object| Criteo object| _gaq object| jQuery18307861615962637365 function| GloboAB object| tv4 object| globoAB function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| ox_esp object| webpackChunkli_browser_client object| loadTimes function| convertRecAb function| JsonpService function| Util function| CacheService object| Cadun function| EventService object| GloboIDSDK object| _cdn function| comScore object| ns_p object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo_identitytag_144 object| $jscomp function| __extends object| Horizon object| pvm object| google_tag_manager object| utag function| hj object| _hjSettings object| bVejaMais object| observer object| config object| e function| t object| marfeel function| fbq function| _fbq function| renderBanner function| insertPubInImage object| MAP_POSITIONS function| renderPositions boolean| isMobile number| tempo boolean| fixed object| publicidadeFixa object| retGeral object| s string| id_script undefined| ret string| o object| a object| b function| Navegg object| naveggReady object| nvg56187 object| n object| d object| _taboola string| nomeProdutoPiano string| tipoConteudoPiano string| ambienteUtilizadoPiano boolean| conteudoExclusivo boolean| semPaywall string| nomeEditoriaPiano string| nomeSubeditoriaPiano undefined| arrayGloboId object| GlobalIvcNamespace function| ivc function| insertPubInText function| insertPubFloating function| insertTouchPoint object| _sf_async_config string| user_type object| el_mab object| _cbq number| _sf_endpt function| eventos object| signal_decrypted string| HORIZON_RECOMMENDATION function| insertHorizonRecommendation function| notifyHorizonRecommendation object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| taboolaEvents object| _tblConsole number| trc_debug_level object| TRC object| TRCImpl undefined| __startEngine boolean| __tblTrecsInit function| __trcDebug function| __trcError function| __trcInfo function| __trcWarn function| MtBts function| metric object| Snowplow object| _cb_shared object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass object| pSUPERFLY_mab object| pSUPERFLY string| pm_pgtp number| taboola_view_id object| webpackChunk_marfeel_compass_multimedia_sdk boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx undefined| _tb_vpmd boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| webpackJsonp boolean| hasPaywall object| PaywallAnalytics object| tinyCpnt object| Piano object| responseVariables string| GoogleAnalyticsObject function| ga function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam string| trc_article_id string| trc_item_url string| trc_map_url object| trc function| onYouTubeIframeAPIReady object| nvg13574 function| nvgGetSegment function| ltgc string| prmstr object| prmarr object| tmparr object| nvg_hosts object| SWG object| swgEntitlements object| permutive object| apntag object| __permutive object| _cbm function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| image object| TTTagManager function| TTTagManagerError object| _ttq_ttGlobo string| nam object| placementData function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| cmTag object| gaplugins object| gaData object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| libAnalytics boolean| libAnalyticsReady object| BlockAdBlock object| blockAdBlock object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| _cm_wfCounters object| commonSignals function| commonTracker function| sendCommonHit object| WP3 function| Zepto object| WM_PLAYER_VIDEO_TAG_TEST_AUDIO object| WM_PLAYER_VIDEO_TAG_TEST_MUTE object| Clappr object| vttjs function| WebVTT object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| Backbone function| startCMTagMain string| category function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion function| ___tp function| OvaMediaPlayer string| lastWfUrl object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| cX object| PianoESPConfig object| regrasTiny string| _GALimite string| _GAContagem boolean| executouPageview string| nomeExperienciaBotao string| buttonValorImg string| buttonValorUrl function| cxCCE_callQueueExecute object| cxTest object| ari object| storageAni undefined| cXJsonpCB1

363 Cookies

Domain/Path Name / Value
valor.globo.com/legislacao/noticia/2023/09/14 Name: _gada_ses.aca3
Value: *
valor.globo.com/legislacao/noticia/2023/09/14 Name: _gada_id.aca3
Value: fe044a31-f5ea-4626-8dc3-6e256a2fb524.1700381994.1.1700381994.1700381994.fe94a9ca-cb07-498b-abaf-5a8445ba2742
valor.globo.com/legislacao/noticia/2023/09/14 Name: privAu
Value: 0
.taboola.com/editoraglobo-valoreconomico/ Name: taboola_session_id
Value: v2_f47a3b7de51b1e731b0db9120841a992_9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa_1700381994_1700381994_CNawjgYQjv9JGMvcqLW-MSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoi7KQoMnujt4ucAE
id.globo.com/auth/realms/globo.com/ Name: AUTH_SESSION_ID
Value: f6b00dc8-31a8-473c-aeb3-30f560293c69.mig-rhsso-cache-prod-j5m0
id.globo.com/auth/realms/globo.com/ Name: AUTH_SESSION_ID_LEGACY
Value: f6b00dc8-31a8-473c-aeb3-30f560293c69.mig-rhsso-cache-prod-j5m0
i.liadm.com/s Name: _li_ss
Value: ChAKBgjSARDEFgoGCKIBEMQW
.onesignal.com/ Name: __cf_bm
Value: khKPifahShJNu4tXQzgH3Z5B0wJTXegChcZP2FsoJ3s-1700381990-0-AXUp3rbb6lP5/kD084+KfP2f+Kq/Gsw/OHUHN70Ic1yaI55S3XuxGsQMXo4zaj6gVnP3KHmIBfrjHFKgsolK+iI=
.globo.com/ Name: cookie-banner-consent-accepted
Value: false
.globo.com/ Name: pbjs_sharedId
Value: 15f36753-2059-41f0-9041-bf83da56a6a0
.globo.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.globo.com/ Name: _igt
Value: 629e4355-c08a-4859-b912-e9ff89f8eb04
.globo.com/ Name: _ig
Value: 1fc79c4b-f1c5-4b92-ff1e-9ae2161eba9a
.globo.com/ Name: __gads
Value: ID=e55e15f9243c791c:T=1700381992:RT=1700381992:S=ALNI_MbYJlbxEMcKFJFSCyj-SLVVdWN5Sg
.globo.com/ Name: __gpi
Value: UID=00000da2b045df4c:T=1700381992:RT=1700381992:S=ALNI_MYuDDtZfADMtCvqaYgFJAb8Evbobw
.doubleclick.net/ Name: IDE
Value: AHWqTUn8x2sDJuluF2RPCCSa_5wgLwtGMZ6hWdLfAZmVjR2uQBuSbZFWJy8WA75kjUo
.rubiconproject.com/ Name: khaos
Value: LP57JAYC-21-7NJN
.openx.net/ Name: i
Value: e37500ed-4654-442a-b1e9-b1440db1e7cc|1700381993
.crwdcntrl.net/ Name: _cc_id
Value: 103a4eb2b48ab6d079714013a2e45a10
.globo.com/ Name: _cc_id
Value: 103a4eb2b48ab6d079714013a2e45a10
.globo.com/ Name: panoramaId_expiry
Value: 1700468393440
.scorecardresearch.com/ Name: UID
Value: 1C749854b9d7a992d3d5ab81700381993
.criteo.com/ Name: uid
Value: 8c555a98-0f5a-4eab-b702-853c1da88aac
.mathtag.com/ Name: uuid
Value: fe226559-c52a-4300-b170-b415135d8eeb
.globo.com/ Name: kppid
Value: 18125291238611216133
.globo.com/ Name: hsid
Value: 7e89ac52-088e-4da5-bd6d-360628fedc60
.navdmp.com/ Name: ac3
Value: 1
.navdmp.com/ Name: nid
Value: 13aa2e3a64a0bd1e797194a1e310|1|349
.globo.com/ Name: nvg56187
Value: 13aa2e3a646b169b899a92987d10|0_324
.globo.com/ Name: _hjSessionUser_1512996
Value: eyJpZCI6IjI4YmI1MDc5LTI1M2YtNWE3NS1hYjhlLTIyMzM3NWM2Mzc0YiIsImNyZWF0ZWQiOjE3MDAzODE5OTQ0OTQsImV4aXN0aW5nIjpmYWxzZX0=
.globo.com/ Name: _hjFirstSeen
Value: 1
.globo.com/ Name: _hjIncludedInSessionSample_1512996
Value: 0
.globo.com/ Name: _hjSession_1512996
Value: eyJpZCI6IjUyZGNmNGIxLTE4M2ItNDU1ZS1iNzIyLTkxMGU2YmZmZjI3MCIsImNyZWF0ZWQiOjE3MDAzODE5OTQ0OTUsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.globo.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.globo.com/ Name: ___nrbic_1464
Value: %7B%22previousVisit%22%3A1700381994%2C%22currentVisitStarted%22%3A1700381994%2C%22sessionId%22%3A%22c964a7c8-9039-46fc-b595-5d5efa52390d%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml%3Futm_medium%3Demail%26_hsmi%3D281529863%26_hsenc%3Dp2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k%26utm_content%3D281529863%26utm_source%3Dhs_email%22%2C%22referrer%22%3A%22%22%7D
.globo.com/ Name: ___nrbi_1464
Value: %7B%22firstVisit%22%3A1700381994%2C%22userId%22%3A%224e0ba2a6-19e9-404a-8a18-e9ea1963eee9%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1700381994%2C%22timesVisited%22%3A1%7D
.globo.com/ Name: compass_uid
Value: 4e0ba2a6-19e9-404a-8a18-e9ea1963eee9
.adsrvr.org/ Name: TDID
Value: a902f120-5231-4d73-bf4d-b35c5110e8f0
.valor.globo.com/ Name: _cb_valor
Value: BGeB4dCoKkpcBPv1-j
.valor.globo.com/ Name: _chartbeat2_valor
Value: .1700381994543.1700381994543.1.DN-osfDqoeppDH6rdtBUcD0LDgoW3R.1
.valor.globo.com/ Name: _cb_svref_valor
Value: null
.globo.com/ Name: _fbp
Value: fb.1.1700381994624.569322294
.amazon-adsystem.com/ Name: ad-id
Value: Az7D05X6W0cysjN7UE7B_KY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.globo.com/ Name: _pc_randomCookieForPiano
Value: cookieB
.openx.net/ Name: univ_id
Value: 537072971|a902f120-5231-4d73-bf4d-b35c5110e8f0|1700381994706715
.yahoo.com/ Name: A3
Value: d=AQABBCrFWWUCEBFCUOzTX1EncUOwak25keoFEgEBAQEWW2VjZSXcxyMA_eMAAA&S=AQAAAkMhR1RMc1Q3hLR0uodbxFY
cocoon.globo.com/ Name: GCLB
Value: "4aef1fdfce8e4e3a"
.taboola.com/ Name: t_gid
Value: 9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa
.taboola.com/ Name: t_pt_gid
Value: 9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa
valor.globo.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa
.globo.com/ Name: GLBEXP
Value: 3zXeOKidc4UEKLhE7arV+4er3gArxkPh8BQmQuM8eTUGzzD+EZS5U4mRkWsmmM/1
.globo.com/ Name: glb_uid
Value: _Jc8M8g5alzMV8g6KRXcUAomAq2xlCnKpZlMOiym41I=
.globo.com/ Name: nav13574
Value: 13aa2e3a648df3069e20b99a0710_324
.youtube.com/ Name: YSC
Value: t9nmZlVot6w
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: qnc8R-K_Uao
events.newsroom.bi/ Name: 1464_u
Value: 4e0ba2a6-19e9-404a-8a18-e9ea1963eee9
events.newsroom.bi/ Name: 1464_s
Value: c964a7c8-9039-46fc-b595-5d5efa52390d
events.newsroom.bi/ Name: 1464_lv
Value: null
events.newsroom.bi/ Name: 1464_ut
Value: 0
.globo.com/ Name: _gid
Value: GA1.2.1220002044.1700381995
.globo.com/ Name: _gat_ga_valor_portal_2
Value: 1
.krxd.net/ Name: _kuid_
Value: P7MKAQ_o
.globo.com/ Name: _ga_0527C72C4K
Value: GS1.1.1700381995.1.0.1700381995.0.0.0
.globo.com/ Name: _ga
Value: GA1.1.2088517343.1700381993
valor.globo.com/ Name: __adblocker
Value: false
.globo.com/ Name: permutive-id
Value: 227a595f-09ae-42e7-913f-2804041a4457
.mediago.io/ Name: __mguid_
Value: 1b7de7e8fc0c48492gttf900lp57jd2x
.postrelease.com/ Name: visitor
Value: 6ce59f3d-e172-4c3c-a833-82cfd0d99d6e
.postrelease.com/ Name: status
Value: 0
.adscale.de/ Name: uu
Value: 9911a809bd264a848d1571c9e98f21ca
.contextweb.com/ Name: V
Value: mlf7oMpyiuvU
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 321f9570a192572c
.d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/ Name: pxid
Value: e066b046-58b4-4d41-b43a-186e6c4adb6d
.socdm.com/ Name: SOC
Value: ZVnFLMCo8YQAAPcmuAcAAAAA
.smartadserver.com/ Name: pid
Value: 4056922767116350335
.adscale.de/ Name: cct
Value: 1700381996516
.bidswitch.net/ Name: tuuid
Value: 30b13ab7-dbc6-4eff-9e07-01119cc841d7
.bidswitch.net/ Name: c
Value: 1700381996
.bidswitch.net/ Name: tuuid_lu
Value: 1700381996
.3lift.com/ Name: tluid
Value: 4115979473928357364007
.mfadsrvr.com/ Name: tuuid
Value: e92716a1-90a5-454d-aeae-7252ed358333
.mfadsrvr.com/ Name: c
Value: 1700381996
.mfadsrvr.com/ Name: tuuid_lu
Value: 1700381996
.mfadsrvr.com/ Name: ssh
Value: !taboola,1700381996
.globo.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIBYB2AVgDYAjDy4AmQVz4AOESIEc%2BAThABfIA
.globo.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lp57jdr3gmgpzyg6%22%7D
.gumgum.com/ Name: vst
Value: u_09202f15-366e-4fe3-9aab-4802ddfbd89e
.globo.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
valor.globo.com/ Name: __pnahc
Value: 0
.adnxs.com/ Name: uuid2
Value: 1226190852069536688
.piano.io/ Name: __cf_bm
Value: O2xFQ4VnIkxKxtw5cz0Q2UmJHYSOPRgD7C5npi44Zpc-1700381997-0-Adz4Y2OwMMPkbtRnSzdI4hZ0BZQB/PII74n9Zc2xSlL2vZs7W4/54CNiRjaO6GCi6QzAsFowEx4ZZ0EhE3mkQGs=
.globo.com/ Name: __tbc
Value: %7Bkpex%7D4inCJt5tk5nHknwlzQM8YgXEAK9XBPsboEpqENzEWNzOfe97V6sqLXT1dCNQV9W9
.globo.com/ Name: __pat
Value: -10800000
.globo.com/ Name: __pvi
Value: eyJpZCI6InYtbHA1N2pkcmV4MGZ4MmxsdSIsImRvbWFpbiI6Ii5nbG9iby5jb20iLCJ0aW1lIjoxNzAwMzgxOTk3NDgzfQ%3D%3D
.globo.com/ Name: xbc
Value: %7Bkpex%7DLxIhjcK6A1wNLESY3dPSuC_TIVedJ1e6g8q33nSaTIzicIWSqGaLWIDNodBb2af6RaCo19lONG4uCXcx6xR-8BVuPDT-wrPD4V5_EXtceJR8uKgqMX_Ha18hbBFhJazDoRfj2G8C208NaePKTLyjVGx5oRCkX82U-ozjfVutc7ZiFUCx9Myjdxi60aYgkWgHTt-WeQAE_bbzSItA8mTStWoCdi4_AO_nswvxQrAOdYXG0SSJF7P6IJ-s1U9VZyrUDdUGXoE0NIEYTMj10O-aGGzyp0mCGpLPqXYPJyK4t0tqN8o7PXxFBVAeANSHXtf6d98ebyKi3AoUwrZtMqGz8Q_qwYKCSq9zf3fH6ZcgP3ab1k7VZ19f54freTP6CfSB
.ads.stickyadstv.com/ Name: UID
Value: 209bc32bc2ac8f31366d2dd71d31d3
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjQ3MDA2NjSzNDczMTIzMzI2EeIz1E1P9XK2cA2vqvJJrQQAjc-eQSQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjQ3MDA2NjSzNDczMTIzMzI2EeIz1E1P9XK2cA2vqvJJrQQAjc-eQSQAAAA
.tinypass.com/ Name: LANG
Value: en_US
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 64c94da1-7249-5343-9f35-6a97fa6cafba
.betweendigital.com/ Name: ss
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-111316b1-1261-5cac-7103-19996196370c.Jw2VQIMAG3%2Bs0BSxrfW34zi%2FqlSq9B%2FK35so3HaFv50
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-111316b1-1261-5cac-7103-19996196370c.Jw2VQIMAG3%2Bs0BSxrfW34zi%2FqlSq9B%2FK35so3HaFv50
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AERMWsRJhXKxxAxmZYZY3DEYZ_7o.s0cqL2ewMkp9xMrR%2BgUysQM3PIBT%2BeBCSOR8vRdXYBY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AERMWsRJhXKxxAxmZYZY3DEYZ_7o.s0cqL2ewMkp9xMrR%2BgUysQM3PIBT%2BeBCSOR8vRdXYBY
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIO0I46-hB3Utq28nUed9D7bHA4NS_eB-u9LOOgSMX1jQEHwYBCCtiueqBjABOgRyABfNQgQGPX84.PBkUesHQL8jYquhelz9w%2FzGHIgV41KUZikchiY%2BAZ%2Fk
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIO0I46-hB3Utq28nUed9D7bHA4NS_eB-u9LOOgSMX1jQEHwYBCCtiueqBjABOgRyABfNQgQGPX84.PBkUesHQL8jYquhelz9w%2FzGHIgV41KUZikchiY%2BAZ%2Fk
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwTFZeH7BXUCJyqHC3Q45Qm1JkMIuj9ucPHH1v3MnRnR5XUqJGr2bEdEvpQC4TM1
.bidr.io/ Name: bito
Value: AAGSDE7Ks4oAABbcxTk8jg
.bidr.io/ Name: bitoIsSecure
Value: ok
.betweendigital.com/ Name: ut
Value: ZVnFLQAKnsBxnyNMaSSuY3OQuumrlE1naJyjLw==
.adform.net/ Name: C
Value: 1
.turn.com/ Name: uid
Value: 3252457447538295465
.globo.com/ Name: cX_P
Value: lp57jdr3gmgpzyg6
.linkedin.com/ Name: bcookie
Value: "v=2&3d6d44ec-ce6b-4e3e-867c-8165c26727e0"
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3053:u=1:x=1:i=1700381997:t=1700468397:v=2:sig=AQGf-ScZ7bmWpNFFpfSjDOO1VFnRm7wy"
.adform.net/ Name: uid
Value: 383984206483609004
.lijit.com/ Name: ljt_reader
Value: HrmzhQZHj9hnad-STX6DT5p8
.tapad.com/ Name: TapAd_TS
Value: 1700381997854
.tapad.com/ Name: TapAd_DID
Value: 566c06e1-5ef0-4571-90a4-d38b649d97c6
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: b8526abd-30ea-4192-94e7-2c6f7deaa902
.prebid.a-mo.net/ Name: sd_amuid2
Value: b8526abd-30ea-4192-94e7-2c6f7deaa902
.lijit.com/ Name: _ljtrtb_80
Value: LP57JAYC-21-7NJN
.ipredictive.com/ Name: cu
Value: 24ce2dbc-1c16-44eb-807b-e68ec5abc847|1700381998094
.connatix.com/ Name: cnx_userId
Value: 579ca25490204a76821006641a0ba0fe
.hb.yahoo.net/ Name: visitor-id
Value: 3433835980898670000V10
.hb.yahoo.net/ Name: data-mag
Value: LP57JAYC-21-7NJN~~63
.sharethrough.com/ Name: stx_user_id
Value: 16add98e-a355-4a8e-9e5d-a06bc1a68210
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231119%22%7D
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
.deepintent.com/ Name: CDIUSER
Value: di_f5b294aaf357474ab9663
.semasio.net/ Name: SEUNCY
Value: B15F63C19F3A171F
.primis.tech/ Name: csuuid
Value: 6559c52e554f4
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-ERMWsRJhXKxxAxmZYZY3DEYZ_7o&KRTB&23334-ERMWsRJhXKxxAxmZYZY3DEYZ_7o&KRTB&23417-ERMWsRJhXKxxAxmZYZY3DEYZ_7o&KRTB&23426-ERMWsRJhXKxxAxmZYZY3DEYZ_7o
.sitescout.com/ Name: ssi
Value: a41ab259-3fa0-4c5b-b34b-36f097e41334#1700381998396
.globo.com/ Name: _ga_47NEHP2QTX
Value: GS1.1.1700381995.1.0.1700381998.0.0.0
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1226190852069536688&KRTB&23339-1226190852069536688
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-24ce2dbc-1c16-44eb-807b-e68ec5abc847&KRTB&23011-24ce2dbc-1c16-44eb-807b-e68ec5abc847&KRTB&23355-24ce2dbc-1c16-44eb-807b-e68ec5abc847
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-383984206483609004&KRTB&23263-383984206483609004&KRTB&23481-383984206483609004
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-a902f120-5231-4d73-bf4d-b35c5110e8f0&KRTB&22918-a902f120-5231-4d73-bf4d-b35c5110e8f0&KRTB&22926-a902f120-5231-4d73-bf4d-b35c5110e8f0&KRTB&23031-a902f120-5231-4d73-bf4d-b35c5110e8f0
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-970033169764266234
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIJEAS_A1pYzdESKXUd07aE&KRTB&23025-CAESEIJEAS_A1pYzdESKXUd07aE&KRTB&23386-CAESEIJEAS_A1pYzdESKXUd07aE
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3252457447538295465&KRTB&23150-3252457447538295465&KRTB&23527-3252457447538295465
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005%22%7D
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7760
.omnitagjs.com/ Name: ayl_visitor
Value: 6562ffe0a5361c770bfed578bdd10884
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVnFLgAAwxOjbgBH
.mxptint.net/ Name: mxpim
Value: R33647_10C61F92B_BCE4BBAD.1.00000000000000006559C52E
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341&KRTB&23418-a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341
.simpli.fi/ Name: suid
Value: 80F0BBA4FA7E41C0BC939AA6389B762B
.adgrx.com/ Name: ADGRX_UID
Value: 6da3eec0-86b4-11ee-92b2-1fe6ff30cd25
.w55c.net/ Name: wfivefivec
Value: 3oaS0WqC1R4D265
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_6da550d1-86b4-11ee-a1b7-125edd13ad3d
.zemanta.com/ Name: zuid
Value: 7pd3mgCHSipgrEXWGTRF
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33647_10C61F92B_BCE4BBAD&KRTB&23092-R33647_10C61F92B_BCE4BBAD
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:80F0BBA4FA7E41C0BC939AA6389B762B&KRTB&23486-uid:80F0BBA4FA7E41C0BC939AA6389B762B&KRTB&23489-uid:80F0BBA4FA7E41C0BC939AA6389B762B&KRTB&23539-uid:80F0BBA4FA7E41C0BC939AA6389B762B
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.w55c.net/ Name: matchpubmatic
Value: 5
.creative-serving.com/ Name: tuuid
Value: 545b3837-950e-48e4-b9be-658159de0d16
.creative-serving.com/ Name: c
Value: 1700381998
.creative-serving.com/ Name: tuuid_lu
Value: 1700381998
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-0e0eb4c1-8555-4774-b7c3-a6ca69f23c90&KRTB&23340-0e0eb4c1-8555-4774-b7c3-a6ca69f23c90&KRTB&23498-0e0eb4c1-8555-4774-b7c3-a6ca69f23c90
.quantserve.com/ Name: d
Value: ENEBCwG7KvijAA
.quantserve.com/ Name: mc
Value: 6559c52e-c90e1-b65b5-f52b3
.dotomi.com/ Name: DotomiTest
Value: 1f17ccb7c1bb0619
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-6da3eec0-86b4-11ee-92b2-1fe6ff30cd25&KRTB&23275-6da3eec0-86b4-11ee-92b2-1fe6ff30cd25
.globo.com/ Name: _pubcid
Value: 7a20bf37-6a4c-45cc-b4fa-265001057383
.globo.com/ Name: _pubcid_cst
Value: zix7LPQsHA%3D%3D
.ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
.ads.stickyadstv.com/ Name: pxId
Value: 1953
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:3oaS0WqC1R4D265&KRTB&23421-uid:3oaS0WqC1R4D265
.tribalfusion.com/ Name: ANON_ID
Value: atntuJriIthP3PTRfVyBte4b93ljfpjXu0Cl6V0PZbQ2cvVF2JPGd8K3q2tqlssDtBx1LYj6xjnUt1rOd1fEdxxNd
beacon.lynx.cognitivlabs.com/ Name: UID
Value: db6c2084-f8c9-4012-b356-397c5b7c2377
beacon.lynx.cognitivlabs.com/ Name: ss
Value: mjMyY4xaRJlBkq2c8aLxchuvgSJXZ5jKKBNDR4vvGMKRS0TdjxlKNbKlc4k4SZKt9kPmAd%2Fyub2NnWAY3GyGXw%3D%3D
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: TqVH7FXZzS
.technoratimedia.com/ Name: tads_uidp_37
Value: 644d58bc-f70c-3926-bf7b-db38f102b5a2
.technoratimedia.com/ Name: tads_uidp_44
Value: LP2J2NIA-1Y-FW7I
.technoratimedia.com/ Name: tads_uidp_46
Value: 8746899364898729262
.technoratimedia.com/ Name: tads_uidp_49
Value: AQEI4567H1WGZQIIjCgZAQEBAQE
.technoratimedia.com/ Name: tads_uidp_50
Value: d9c70d90-26bc-42fb-97b3-e6dd87d910b4
.technoratimedia.com/ Name: tads_uidp_61
Value: 212346979259624
.technoratimedia.com/ Name: tads_uidp_62
Value: 3432393330895085000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: JStKKTHUOwTKt-RoymXGNRHpEFjDJrui
.technoratimedia.com/ Name: tads_uidp_7
Value: c498182e-b799-42bb-b7b3-784f68d2fd10
.technoratimedia.com/ Name: tads_uidp_73
Value: AAGSDE7Ks4oAABbcxTk8jg
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-f0370e15-4cd2-4f3a-8bfb-7659cc33cf56-005
.technoratimedia.com/ Name: tads_uidp_77
Value: lvVgdDzEB9x81iwUvl-ErShhXFAWwM1Tlp3NasdhLX4
.technoratimedia.com/ Name: tads_uidp_79
Value: 811c5dcb-98e0-425c-91a0-0f1be8a382ff
.technoratimedia.com/ Name: tads_uidp_80
Value: y-l5_zBBVE2uH7Gl7gT2EEAvTwe3Bml4Uv~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZVdMbu-xtok30eivb4BIhgAA&3454
.technoratimedia.com/ Name: tads_uidp_88
Value: 2030876436430079012339
.technoratimedia.com/ Name: tads_uid
Value: 4B138D065D894A1AB186121E63B794EE
.technoratimedia.com/ Name: tads_uid_cd
Value: 20231114004519+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-eIKzpS2CtPlj1L-sK4ar_niC5Klj0bOuLIQvgFhS&KRTB&19420-eIKzpS2CtPlj1L-sK4ar_niC5Klj0bOuLIQvgFhS&KRTB&22979-eIKzpS2CtPlj1L-sK4ar_niC5Klj0bOuLIQvgFhS&KRTB&23462-eIKzpS2CtPlj1L-sK4ar_niC5Klj0bOuLIQvgFhS
.onetag-sys.com/ Name: OTP
Value: Cza82SB5vLzQT_1QcYbTXznQHeSik_5akZzXYL0VVBk
.cxense.com/ Name: gckp
Value: 2jh2uh3bj01vk1sld8fvucvk01
.globo.com/ Name: cX_G
Value: cx%3A1ittan2le0csf1qxmvfll9dg4p%3A38dy7iqjbt2z4
.aniview.com/ Name: aniC
Value: 1700381998341-172027074059-000843-013-006362
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-30b13ab7-dbc6-4eff-9e07-01119cc841d7
.adx.opera.com/ Name: UID
Value: OPU7f32106bf5d4441a8d8abd8d9e875207
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAABuI__FtQzKAMwEgy6AAAAAAA&KRTB&22713-AAABuI__FtQzKAMwEgy6AAAAAAA&KRTB&22715-AAABuI__FtQzKAMwEgy6AAAAAAA&KRTB&23519-AAABuI__FtQzKAMwEgy6AAAAAAA
.contextweb.com/ Name: ccpa
Value: 1---
.aniview.com/ Name: 1_C_78
Value: y-aCsD72ZE2uKwOAygv4btypZcP_n4mA9t~A
sync.aniview.com/ Name: 1_C_78
Value: y-aCsD72ZE2uKwOAygv4btypZcP_n4mA9t~A
.aniview.com/ Name: 1_C_9
Value: 209bc32bc2ac8f31366d2dd71d31d3
sync.aniview.com/ Name: 1_C_9
Value: 209bc32bc2ac8f31366d2dd71d31d3
.aniview.com/ Name: 1_C_20
Value: Cza82SB5vLzQT_1QcYbTXznQHeSik_5akZzXYL0VVBk
sync.aniview.com/ Name: 1_C_20
Value: Cza82SB5vLzQT_1QcYbTXznQHeSik_5akZzXYL0VVBk
.aniview.com/ Name: 1_C_200
Value: RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005
sync.aniview.com/ Name: 1_C_200
Value: RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-16988f62-f6c6-362e-a0c4-1687522162ab
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU7f32106bf5d4441a8d8abd8d9e875207&KRTB&23485-OPU7f32106bf5d4441a8d8abd8d9e875207&KRTB&23524-OPU7f32106bf5d4441a8d8abd8d9e875207
.aniview.com/ Name: 1_C_55
Value: 1226190852069536688
sync.aniview.com/ Name: 1_C_55
Value: 1226190852069536688
.aniview.com/ Name: 1_C_18
Value: HrmzhQZHj9hnad-STX6DT5p8
sync.aniview.com/ Name: 1_C_18
Value: HrmzhQZHj9hnad-STX6DT5p8
.aniview.com/ Name: 1_C_10
Value: mlf7oMpyiuvU
sync.aniview.com/ Name: 1_C_10
Value: mlf7oMpyiuvU
.aniview.com/ Name: 1_C_23
Value: 6c5ba71e-e7e2-4fc1-be5c-ccb1edc0fd03
sync.aniview.com/ Name: 1_C_23
Value: 6c5ba71e-e7e2-4fc1-be5c-ccb1edc0fd03
.fwmrm.net/ Name: _uid
Value: umo1a91_7304785265137932464
.aniview.com/ Name: 1_C_5
Value: LP57JAYC-21-7NJN
sync.aniview.com/ Name: 1_C_5
Value: LP57JAYC-21-7NJN
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umo1a91_7304785265137932464
.ads.stickyadstv.com/ Name: MRM_UID
Value: umo1a91_7304785265137932464
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 1176108986#1700381999461#0#1700381999461
.intentiq.com/ Name: intentIQCDate
Value: 1700381999476
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUdzJmYUNk
.intentiq.com/ Name: IQMID
Value: 1176108986#1700381999479
.richaudience.com/ Name: pdid
Value: c54ac035-593a-4346-b594-0zz1700381999
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAGSDE7Ks4oAABbcxTk8jg
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEPZK1Gww-8lTLldA5rxFFJg
.go.sonobi.com/ Name: __uis
Value: 23654a88-16f7-4171-9ec0-35f1dab47de3
.go.sonobi.com/ Name: HAPLB8G
Value: s86207|ZVnFM
.aniview.com/ Name: 1_C_105
Value: b8526abd-30ea-4192-94e7-2c6f7deaa902
sync.aniview.com/ Name: 1_C_105
Value: b8526abd-30ea-4192-94e7-2c6f7deaa902
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-p_aXMMNE2oMYvaR1_jxmNXeTtn8Ud_fS.0YkBGqj~A
.adnxs.com/ Name: anj
Value: dTM7k!M4.gEVNsVF']wIg2E><g17U<!]td=8bhzs#DNAqPYwUbU`mpc[SaD-YuM7iXwyvzUd5*M^65p@/X+b)6HQA>q$I`NAiY.v/utNT+F8N!qG(Ts+]4JtYrlXk0*Gf!Zpg]iAwN7f]K>MADb6_:!'Z>wZBuWw
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQNTdKQVlDLTIxLTdOSk4iLCJleHBpcmVzIjoiMjAyNC0wMi0xN1QwODoxOTo1N1oifSwiYW14Ijp7InVpZCI6ImI4NTI2YWJkLTMwZWEtNDE5Mi05NGU3LTJjNmY3ZGVhYTkwMiIsImV4cGlyZXMiOiIyMDI0LTAyLTE3VDA4OjE5OjU5WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTExLTE5VDA4OjE5OjU3WiJ9
.prebid.a-mo.net/ Name: _sv3_6
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-892
Value: a902f120-5231-4d73-bf4d-b35c5110e8f0
.globo.com/ Name: cto_bundle
Value: esYtO19QRGY0VDBnakd6Y0M2aEZOZzklMkZLbTZ1N1ZjWXlVVVRzJTJGUVFGYSUyQkJ0TndFRW9pWiUyRk5Xa3AwZEU4JTJGdUhhZThWQlRETCUyRjhBdlBLV3pRSDlQbXRSYUhTMlkzQ3BkdGVPS1YwMElpdG83bEV1NTc5R3NubXU1aXYzYlNJS3RZbWRZNjNEQyUyQkZsVVdwQnJkY2YwVHJxT1FqdyUzRCUzRA
.globo.com/ Name: cto_bidid
Value: GUxOKV9UNDg1R2MlMkJFcUdHczNSYXAzeUg3T0klMkJPY0NZalMlMkI4OXM1ciUyQlQ1aGpIaDEzOWxoaWVGWVoza0tBcndTY3R3cUd0QTNlMzEzbTlUY204WjVKeiUyRmFqNVclMkIlMkI3bkhOdExBVzlPWW8lMkZrUUdhT2clM0Q
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.smartadserver.com/ Name: csync
Value: 127:AAGSDE7Ks4oAABbcxTk8jg
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
valor.globo.com/ Name: _lr_retry_request
Value: true
valor.globo.com/ Name: _lr_env_src_ats
Value: false
.casalemedia.com/ Name: CMID
Value: ZVnFMMY0.-GtZegaNPpQrAAA
.casalemedia.com/ Name: CMPS
Value: 1384
.casalemedia.com/ Name: CMPRO
Value: 1384
.w55c.net/ Name: matchfreewheel
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAGSDE7Ks4oAABbcxTk8jg
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiYjg1MjZhYmQtMzBlYS00MTkyLTk0ZTctMmM2ZjdkZWFhOTAyIiwiZXhwaXJlcyI6IjIwMjMtMTItMDNUMDg6MjA6MDAuMDk5ODUyODkxWiJ9fX0=
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: 3oaS0WqC1R4D265
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6ImI4NTI2YWJkLTMwZWEtNDE5Mi05NGU3LTJjNmY3ZGVhYTkwMiIsImV4cGlyZXMiOiIyMDIzLTEyLTAzVDA4OjIwOjAwLjIzODc2MTg5OFoifSwicnViaWNvbiI6eyJ1aWQiOiJMUDU3SkFZQy0yMS03TkpOIiwiZXhwaXJlcyI6IjIwMjMtMTItMDNUMDg6MjA6MDAuMjM4NTA5OTUxWiJ9fX0=
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 1226190852069536688
sync-dmp.mobtrakk.com/ Name: pid
Value: MzRlZGQzNzE1MDY2YjE5MA
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-25746
Value: 24ce2dbc-1c16-44eb-807b-e68ec5abc847
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.rtb.mx/ Name: amdt_t
Value: g::1700382000823
.rtb.mx/ Name: amuid2
Value: 3f5c85dd-05c5-4b25-94ec-69aedc6675b4
.a-mo.net/ Name: amdt_t
Value: h::1700382000901
.richaudience.com/ Name: cmpsync
Value: 1
.pubmatic.com/ Name: SyncRTB3
Value: 1705536000%3A69%7C1701561600%3A220_13_8_196_240_3_166_81_264_55_249_238_165_250_231_178_233_5_7_99_243_22_71_56_104_214_46_48_234_96_21_54_176_204%7C1701216000%3A63%7C1701648000%3A35%7C1700956800%3A15_223_38_2%7C1702944000%3A224
.a-mx.com/ Name: amdt_t
Value: po::1700382001020
.a-mx.com/ Name: amuid2
Value: b8526abd-30ea-4192-94e7-2c6f7deaa902
.ads.stickyadstv.com/ Name: uid-bp-20721
Value: d1532e90-dcf1-41f5-b54f-9f3b2bccd218
.admanmedia.com/ Name: admtr
Value: da282d1f-7575-48d5-bbfc-5e3794a4f214
.admanmedia.com/ Name: ac_r
Value: CS251
.openx.net/ Name: pd
Value: v2|1700381993.8|vPvMgakWgy.iKbwuYhEgKg2
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o2r|8jz.0.1|86P.0.1|7dN.0.AAGSDE7Ks4oAABbcxTk8jg
.id5-sync.com/ Name: callback
Value: https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCJjhxpPLuLQ8EAUSFwoIcHVibWF0aWMSCwisgvGey7i0PBAFEhQKBXRhcGFkEgsIivqooMu4tDwQBRgBIAEoAjILCO6S4-fhuLQ8EAU4AVoLYWRjb25kdWN0b3JgAg..
.ads.stickyadstv.com/ Name: uid-bp-45
Value: ZVnFLgAAwxOjbgBH
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:fe226559-c52a-4300-b170-b415135d8eeb
.analytics.yahoo.com/ Name: IDSYNC
Value: "19cx~2f4w:18vk~2f4w:19e0~2f4w:18z8~2f4w:19dr~2f4w:194o~2f4w:196y~2f4w:18za~2f4w"
.richaudience.com/ Name: avcid-bsx-uid
Value: AAGSDE7Ks4oAABbcxTk8jg
.richaudience.com/ Name: avcid-apn-uid
Value: 1226190852069536688
.richaudience.com/ Name: avcid-ilu-uid
Value: da282d1f-7575-48d5-bbfc-5e3794a4f214
.richaudience.com/ Name: avcid-ttd-uid
Value: a902f120-5231-4d73-bf4d-b35c5110e8f0
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005%22%2C%22nxtrdr%22%3Afalse%7D
.ctnsnet.com/ Name: cid_e2e2ea11f3214bf29806107e271e70a2
Value: 1
.richaudience.com/ Name: avcid-sov-uid
Value: HrmzhQZHj9hnad-STX6DT5p8
.richaudience.com/ Name: avcid-inx-uid
Value: ZVnFMMY0-_GtZegaNPpQrAAABWgAAAAB
.richaudience.com/ Name: avcid-opx-uid
Value: d274765e-b7ed-4cab-b002-f49744d1b77b
.richaudience.com/ Name: avcid-adf-uid
Value: 383984206483609004
.ads.stickyadstv.com/ Name: uid-bp-41466
Value: 0907b07b-564c-4834-80b3-b9b9e8cd16bc
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.acuityplatform.com/ Name: auid
Value: 854172919370
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRXlVJEqEmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUV5VSRKhI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.ctnsnet.com/ Name: cid_313ad0d2f7434fadaf23b0d54669ccdc
Value: 1
.smilewanted.com/ Name: sw_user_params_infos
Value: lRZ4%2B4BjGB75GCG4angrK1B8mldaidZwp81dFDQPqczvjcY2UYzNri1N2GOdzudzzw5tI%2FT39RzyfFz8NqBytcQ5EPJXqrt8Y%2BrY5S%2BAj836flkJZ8e23oAVLm45ba6yuRSdc9V3o4rWhejN0VGAWQ%3D%3D
.kargo.com/ Name: ktcid
Value: 51b4ed0d-3a10-0525-54c7-df485d262b07
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005&KRTB&17107-RX-dacc658d-55c3-4b1a-9a35-5253d202203c-005
.richaudience.com/ Name: avcid-bsw-uid
Value: 30b13ab7-dbc6-4eff-9e07-01119cc841d7
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7536684011275270728P
.owneriq.net/ Name: pmc
Value: 1
.bfmio.com/ Name: __187_cid
Value: 23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
.bfmio.com/ Name: __io_cid
Value: 3ce003e94372674c56a91cb7afe498a68d63f993
.liadm.com/ Name: lidid
Value: 8a6f98d1-b20f-4c81-a08d-a7796064d9d7
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-854172919370&KRTB&23428-854172919370
.ads.stickyadstv.com/ Name: uid-bp-41396
Value: 4115979473928357364007
.thrtle.com/ Name: mc
Value: eyJpZCI6ImQzMDJkM2VkLTAzNzgtNDBlMC1hMDFiLTI5YzQzZWQ1ODU2OCIsImwiOjE3MDAzODIwMDE3MzYsInQiOjF9
.richaudience.com/ Name: avcid-rub-uid
Value: LP57JAYC-21-7NJN
.richaudience.com/ Name: avcid-sma-uid
Value: 4056922767116350335
.richaudience.com/ Name: avcid-smw-uid
Value: 8f2dba26f31170c22b63635a57d8ec51
.adsby.bidtheatre.com/ Name: __kuid
Value: 4a444a71-d342-45f7-b0da-e4e76d5e271d.469596001
.pippio.com/ Name: did
Value: g4Y9RSaMVkxdjoEm
.pippio.com/ Name: didts
Value: 1700382001
.pippio.com/ Name: nnls
Value:
.creativecdn.com/ Name: u
Value: gUltDrtngfKc6h7PWeK6
.creativecdn.com/ Name: g
Value: gUltDrtngfKc6h7PWeK6_1700382001761
.creativecdn.com/ Name: ts
Value: 1700382001
.csync.loopme.me/ Name: viewer_token
Value: 5ef92594-467a-4058-a037-eaab902573d2
.id5-sync.com/ Name: id5
Value: 32bf2af3-b06d-7767-955c-9bf172d89094#1700381995926#4
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 7
.pubmatic.com/ Name: DPSync3
Value: 1701561600%3A256_260_263_201_262_261_259_258%7C1700438400%3A255_248%7C1700956800%3A265%7C1701388800%3A257
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1700403602095
.aniview.com/ Name: 1_C_1
Value: 23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
sync.aniview.com/ Name: 1_C_1
Value: 23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
.pippio.com/ Name: pxrc
Value: CLKK56oGEgQIAhAAEgUI3k4QABIGCOzrARAA
.c.appier.net/ Name: _auid
Value: HdVbeLARDSaqK9F9MsVZZQ
.linksynergy.com/ Name: rmuid
Value: ed566181-d73f-4acf-9d6c-4b77f3933c39
.linksynergy.com/ Name: icts
Value: 2023-11-19T08:20:02Z
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-HdVbeLARDSaqK9F9MsVZZQ
.pubmatic.com/ Name: PugT
Value: 1700382002
.mediarithmics.com/ Name: mics_vid
Value: 54439845909
.mediarithmics.com/ Name: mics_uaid
Value: web:1:d8d63a43-faa9-4888-a19e-821b5786644b
.mediarithmics.com/ Name: mics_lts
Value: 1700382002938
.rezync.com/ Name: zync-uuid
Value: b344e16e-9701-4294-a0cf-f17917cc3712:1700382002.9722192
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13LMQqAMAxGYQTXTj1HJX8STeNttLQHcnR0dPSEDoKC4_fgXV2AEUmGexYZz_6zqect2iqqFVNNboSk7JoWKi01mMNKEQPPz8REPLgxw3mP4Y0C8PHzDZhZtpZ6AAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwQ2AMAwDwA_rBNluhAnbQNQO0sm524e_kTl5zSiDkaqMF71i0UV3D1MPDYxbgM6yxNIPLnjn2joAAAA
.pubmatic.com/ Name: SPugT
Value: 1700382002
live.rezync.com/ Name: sd-session-id
Value: .eJwVzNEKgzAMQNF_ybMdTRqapT8j2kUom92w7mXiv9s9XjjcA8aPbetUre6Q9u1rA-RX6dUgHdDKb7UnJFDxPgSMKpEpRgoM5wDNWivvOpZHJ3NgNozmukXHpOwmnxe3oChKzkGQEv4_d_KebipEqATnBXnaJMY.ZVnFMw.4ZLBSq9Z0ciaAtlKX7hSJ3_xYqo
.rlcdn.com/ Name: rlas3
Value: Xy/fKaqTW/mh89Jm5zJOW34bB1XLEvy2ZBnIjLd0gRA=
.rlcdn.com/ Name: pxrc
Value: CLKK56oGEgUI6EcQABIGCLbqARABEg8IuuoBEP///////////wESDwiQvCsQ/P//////////AQ==
.360yield.com/ Name: tuuid
Value: a44467ef-dd25-4451-baed-215ff6a239d0
.360yield.com/ Name: tuuid_lu
Value: 1700382003
.mathtag.com/ Name: mt_misc
Value: mt_bt:1700382004
.360yield.com/ Name: um
Value: !79,RE9wpT-KDpDRN5EiZxEIQoa1wnxCk09DOKHSIV.q8DhkslUZi1SV2uclyks5brQp5lAeDTJ7FIJThAHn,1708158003!313,RE9wpeb62RD6eDdNEeAXcXCfR7HuCWzFr50kVwNm9n2sL.ZOYm0GJQPd37l5xPE4Zkgly..0sTZ8ZGfE,1708158004
.360yield.com/ Name: umeh
Value: !79,0,1762590003,-1!313,0,1762590004,-1
.richaudience.com/ Name: avcid-pmr-uid
Value: 23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
.richaudience.com/ Name: avcid-pmt-uid
Value: 23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6
.sitescout.com/ Name: _ssuma
Value: eyIxNSI6MTcwMDM4MTk5ODU1OCwiMzkiOjE3MDAzODIwMDQ5MTcsIjciOjE3MDAzODIwMDQ5MTd9
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bHvHUNzAve5WTp6X1XS67N80UiJJiqwnvePS0asmv1AIZ+sIVF6TV/VCdsuZ5kHRMUa58GG/Jg7s+CAnekPgJibJK1ZNT9xmQP5ZtWmzcqDTQmsd6cmBZ0t
.id5-sync.com/ Name: 3pi
Value: 2#1700382000615#1635590431#1226190852069536688|264#1700381999232#2087375319#a902f120-5231-4d73-bf4d-b35c5110e8f0|104#1700382004933#-1974027988#30b13ab7-dbc6-4eff-9e07-01119cc841d7|108#1700381998947#-106850614|429#1700382000281#-962616015#23F8581F-A7A9-46F6-90A2-5F5C43C8BFC6|464#1700381996257#1013842609#9ddab3d0-2ac3-4051-be4f-dd32266c3628-tuctc534aaa|112#1700381998619#-511913055#B15F63C19F3A171F|434#1700381999887#911678892|18#1700382003130#-295876578|19#1700382001636#1449717358#103a4eb2b48ab6d079714013a2e45a10|821#1700382004566#1461383394|441#1700381997009#290357712#u_09202f15-366e-4fe3-9aab-4802ddfbd89e|826#1700382005334#1916695587#a41ab259-3fa0-4c5b-b34b-36f097e41334-6559c52e-4341|124#1700382003839#-397658061|286#1700382001269#576736852

87 Console Messages

Source Level URL
Text
deprecation warning URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/85725c46f1bcc1991d1953a008c08562.js(Line 22)
Message:
Listener added for a synchronous 'DOMCharacterDataModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/85725c46f1bcc1991d1953a008c08562.js(Line 22)
Message:
Listener added for a synchronous 'DOMCharacterDataModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://cdn.ampproject.org/v0.js(Line 1)
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://cdn.ampproject.org/v0.js(Line 1)
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://cdn.ampproject.org/v0.js(Line 1)
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://cdn.ampproject.org/v0.js(Line 1)
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
OTS parsing error: GDEF: misaligned table
network error URL: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js(Line 18)
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js(Line 18)
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js(Line 18)
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js(Line 18)
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://cdn.taboola.com/libtrc/article-detection.20231116-8-RELEASE.es6.js(Line 2)
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://cdn.taboola.com/libtrc/article-detection.20231116-8-RELEASE.es6.js(Line 2)
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://www.googletagmanager.com/gtag/destination?id=G-47NEHP2QTX&l=dataLayer&cx=c(Line 393)
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://www.googletagmanager.com/gtag/destination?id=G-47NEHP2QTX&l=dataLayer&cx=c(Line 393)
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://cdn.tinypass.com/api/tinypass.min.js
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://cdn.tinypass.com/api/tinypass.min.js
Message:
OTS parsing error: GDEF: misaligned table
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
Failed to decode downloaded font: https://s3.glbimg.com/cdn/fonts/coranto/bold.woff
other warning URL: https://valor.globo.com/legislacao/noticia/2023/09/14/receita-exige-irrf-sobre-direitos-creditorios.ghtml?utm_medium=email&_hsmi=281529863&_hsenc=p2ANqtz--rkpS5aX4ntau7kcTigubaOEOiUqw8aMO18oDQuju9zenhTsaNnl_KJ7xjrybvG0HbmUmEbwViuCRWz2GrttbMaYWVd0iR8X3-wcuDxGlkkx5T03k&utm_content=281529863&utm_source=hs_email
Message:
OTS parsing error: GDEF: misaligned table
network error URL: https://buy.tinypass.com/style.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://buy.tinypass.com/checkout/template/style.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2023F8581F-A7A9-46F6-90A2-5F5C43C8BFC6&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.aniview.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.aniview.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.aniview.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.aniview.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://038a2f0220674b4e8c9404adca5d27d5.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.googletagmanager.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://google-bidout-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pixel.mathtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imprchmp.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ch-match.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ch-match.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://buy.tinypass.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://buy.tinypass.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn.cxense.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=valor.globo.com&e=27&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
security error URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=valor.globo.com&e=27&uid=b8526abd-30ea-4192-94e7-2c6f7deaa902(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=105
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://valor.globo.com').
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1580&userId=4115979473928357364007
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://pippio.com/api/liveramp.com
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://id5-sync.com/k/285.gif?puid=LP57JAYC-21-7NJN&gdpr=0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

038a2f0220674b4e8c9404adca5d27d5.safeframe.googlesyndication.com
1f2e7.v.fwmrm.net
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
ap.lijit.com
api.permutive.com
api.rlcdn.com
assets.a-mo.net
b1sync.zemanta.com
barra.globo.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
buy.tinypass.com
c1.adform.net
c2.piano.io
c3.a-mo.net
capi.connatix.com
cdn.ampproject.org
cdn.cxense.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.navdmp.com
cdn.onesignal.com
cdn.permutive.com
cdn.petametrics.com
cdn.prod.uidapi.com
cdn.stickyadstv.com
cdn.taboola.com
cdn.tinypass.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
ch-match.taboola.com
ch-trc-events.taboola.com
ch-vid-events.taboola.com
ch-wf.taboola.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
cocoon.globo.com
comcluster.cxense.com
connect.facebook.net
core.iprom.net
crb.kargo.com
creativecdn.com
cs.admanmedia.com
cs.minutemedia-prebid.com
csync.loopme.me
csync.smilewanted.com
d.turn.com
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co
d4jvmy04.na1.hubspotlinksstarter.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
events.newsroom.bi
experience.tinypass.com
experiences.mrf.io
fastlane.rubiconproject.com
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
gadasource.storage.googleapis.com
globo-ab.globo.com
globo-mab.globo.com
gocm.c.appier.net
google-bidout-d.openx.net
gov.aniview.com
gum.criteo.com
hb.yahoo.net
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
i.liadm.com
ib.adnxs.com
id.a-mx.com
id.cxense.com
id.globo.com
id.hadron.ad.gt
id.rlcdn.com
id.rtb.mx
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprchmp.taboola.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
ivccf.ivcbrasil.org.br
jadserve.postrelease.com
jelly.mdhv.io
lb.eu-1-id5-sync.com
live.primis.tech
live.rezync.com
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onesignal.com
onetag-sys.com
ow.pubmatic.com
p.glbimg.com
p.rfihub.com
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
player.aniview.com
pm-widget.taboola.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
query.petametrics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.glbimg.com
s.seedtag.com
s.tribalfusion.com
s2-valor.glbimg.com
s3.glbimg.com
sb.scorecardresearch.com
script.hotjar.com
sdk.mrf.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.chartbeat.com
static.criteo.net
static.hotjar.com
static.infoglobo.com.br
stats.g.doubleclick.net
sync-dmp.mobtrakk.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.bfmio.com
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.navdmp.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
sync2.navdmp.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
tag.navdmp.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tags.t.tailtarget.com
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
track.adform.net
track1.aniview.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usergate.globo.com
usr.navdmp.com
valor.globo.com
vast.aniview.com
vidanalytics.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
www.youtube.com
x.bidswitch.net
ad.mrtnsvr.com
ads.stickyadstv.com
cdn.stickyadstv.com
globo-mab.globo.com
id5-sync.com
ivccf.ivcbrasil.org.br
token.rubiconproject.com
100.24.189.89
104.112.34.49
104.18.41.104
104.22.69.131
104.36.115.113
104.36.115.123
104.87.84.208
104.96.238.138
107.178.254.65
124.146.153.166
13.225.195.23
13.32.151.127
131.153.203.243
131.153.242.59
141.226.124.48
141.226.224.32
142.251.163.154
145.40.89.32
147.28.129.140
151.101.1.108
151.101.129.44
151.101.2.49
151.101.65.44
162.19.138.116
162.19.138.117
162.248.18.34
162.55.236.224
169.197.150.7
172.105.199.172
172.240.127.128
172.64.151.101
173.0.146.5
173.223.163.210
173.231.178.116
18.157.98.121
18.160.41.49
18.160.46.100
18.165.83.79
18.204.254.22
185.167.164.39
185.184.8.90
186.192.81.117
186.192.90.3
186.192.91.5
186.192.91.9
188.166.17.21
192.132.33.68
195.5.165.20
198.148.27.131
199.127.204.171
199.38.167.131
201.7.177.178
207.198.113.89
208.115.232.150
213.19.162.90
216.22.16.53
216.22.16.8
216.239.32.21
23.105.12.172
23.105.14.97
23.220.136.208
23.50.125.215
23.88.86.2
2600:1408:c400:1680::2c79
2600:1408:c400:780::268b
2600:1f16:e61:3f02:8513:7dd7:332b:6625
2600:1f18:4e9:5a02:520a:c711:865a:bf81
2600:9000:201e:2200:1a:5235:f980:93a1
2600:9000:2073:ae00:1b:6b7d:2300:93a1
2600:9000:2199:2000:a:e047:753:a221
2600:9000:24f2:1000:19:c363:bec0:93a1
2600:9000:24f3:a00:18:1fcd:353:c61
2602:803:c002:200::32
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:4700:10::6816:3d5a
2606:4700:10::6816:545
2606:4700:10::ac43:266a
2606:4700:3030::6815:4222
2606:4700:3033::6815:325a
2606:4700:4400::6812:2173
2606:4700:4400::6812:29aa
2606:4700::6810:ff3
2606:4700::6811:190e
2606:4700::6811:7711
2606:4700::6811:c376
2606:4700::6812:19ad
2606:4700::6812:907e
2606:4700::6812:d63b
2606:4700::6812:dff8
2606:4700::6813:9e13
2606:ae80:1471:15::410
2607:f8b0:4004:c06::5d
2607:f8b0:4004:c06::61
2607:f8b0:4004:c06::64
2607:f8b0:4004:c06::84
2607:f8b0:4004:c06::cf
2607:f8b0:4004:c07::9d
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::84
2607:f8b0:4004:c17::63
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1b::9d
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2a03:2880:f07d:0:face:b00c:0:3
2a03:2880:f171:81:face:b00c:0:25de
2a04:4e42:200::485
2a04:4e42:200::714
3.162.3.7
3.210.155.151
3.224.166.52
3.225.218.10
3.225.231.138
3.228.65.117
3.232.219.155
3.33.220.150
3.89.216.2
34.102.146.192
34.102.253.54
34.107.254.252
34.110.201.227
34.111.113.62
34.120.107.143
34.120.155.137
34.149.50.64
34.151.224.123
34.95.229.88
34.96.70.87
34.98.67.3
35.186.193.173
35.190.14.224
35.190.39.111
35.194.66.159
35.198.44.170
35.201.123.184
35.207.24.140
35.208.249.213
35.211.178.172
35.211.79.33
35.214.232.91
35.227.252.103
35.241.9.51
35.244.153.86
35.244.154.8
35.244.159.8
37.157.6.254
38.98.69.175
40.76.134.238
44.209.50.245
5.161.204.250
50.57.31.206
51.222.239.232
52.2.49.56
52.200.82.255
52.223.22.214
52.23.71.199
52.33.237.62
52.46.128.147
52.5.229.57
52.71.26.24
52.87.59.166
52.95.125.22
54.145.78.184
54.165.249.28
54.211.145.128
54.211.177.173
54.73.231.29
54.90.202.184
57.128.96.95
63.251.28.234
63.251.86.49
63.251.86.50
64.202.112.159
68.67.160.24
69.166.1.67
69.173.151.100
69.173.151.96
69.90.254.78
74.119.119.139
74.119.119.150
74.121.140.211
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.98
80.77.87.166
82.145.213.8
96.46.186.182
96.46.186.186
009cfbc20adb1fec0efb6d41155a318cbba11e2787e557f49a5189750ea5ce62
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95
00ee2ba595e74586a6afcc0ba4acd373cb49bf40e10b4ddd35cde8f2cc05e4d6
00f656c08f93a334576cf9c57d9aa253151c89b32c1361757aeb2f670b77d8bc
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33
03730114e14df006d93af95fa5e3a03320c6440049cf51fedac14297370c35c1
03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
04e2ecf680f823bc9e6f00b5a109427b33897f373fc069fb515305ecf67fc901
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
0a7eb8d5f1f931b69d0429bf81094462fbe56c921beda3856d390d7bc3a41fdb
0b3d5bef14f57ea321b299bd80ea70df309ab8e388e247dab27d193f3cda8000
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e3b0b57589510e2b8c48b06710b0c6d7701be2d6e011df6e3885f6d14e37b85
0eb9653dcf9e6f0a00d34e3edaa6613bd6dca5c74b05cd5670af3d963a97e528
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19
176a01f7f19214c673613a90dc83949dac286e3d4de5bacdb0822e5115f204ef
182942210601280ef292c922e76fb4a0d80bbb5dfbb86f6fcdd2dcb9adc95513
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18eccbe6b3c90fccf23360c3d683ec9e07c23e588a5a514b3a58070aa9392728
1c9b6505540ab042fd8ccd61c0153daee7fcb9dcc550aa271a80912c33a5541d
1fbb2b4285833122a29d3225f0f64fbfd145042ffbfd3fc340b4eb9d61c9fae0
216c8994eeb343b3588f234794df0cca8958d6c72b01b510b4156bc2d03a3840
220b591ef26fc7da309f1fa8316c36cb6077411fcb626774bbd54b65426f3bd5
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
22d6642630d6b107b94d3b94b828d925789dbc0965908acf5056e0c5cc31087d
233bd4af48fbf388163d5346e51713244c3feb1adb12012a298390eaaf793993
2355bf4657b090840c6670baee3999a0c5e66d96c9a906743331e213c41be6e4
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
28c7dfa5469f6a802194f9a439c6da9d26fc09811a266fe73cb0676c27b3914a
2a1e3ed7601f81264b0b002d25bdbd9f93c3b34533a516d1d373f9ed74d67800
2a5969fcbefd7da7544dab35d520874fc14d959a0b97b051b220e8fa18cda3a0
2d43e229334bb4a8ceff420ff774ed8c411c029ac32c2d12dfd64f1364245877
2d46788d01c1ef24e0b474623843a6d280091ed24685343e8398493ab7b400f5
2dd07486c05d84f1ee6dc210417643db96d73fade9347fa8c3a1fd48639e9f04
2dd20c9f608f4732b5cd45798d8a80feff63851f59549bdc56a867089834051e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edf6c53019a943b4375763a013c04b8503bbc9e45fa206ec7e5a18760a42c66
2efe0550c417d477cfc4f9be2492461f4e60486c7dad8e9e074f88d83c964284
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c
307b2a1b987b8000b3865aa975e3d52ab2b2b6c3ef1e12be2a865caa3b58535d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31cbf06e27a793a883dc0d861bbd0e6a016e0eddc822d8cbcec2f10f34884229
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca
3361a2d6e114c0b3ecc648f7fce5c4207aee2f4bacd07cf78b7fe52abd28a4f2
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470
3ae8cfd578c1c05dda21096f7195870ebb1c06489da9b6e5cc66e7c390b1791f
3ca4ffcd9ca7d40a1f7238689870a16b3d2bd9c849a8bcd3215b08b44b4b2e44
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df19cbda74c943d3de0afd5990621355a70da8a743580d10be83fbe71dd500d
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e7b76df538ae6607ca2f5db9515a3ef674f2d054cd985f512dfc40d39869f1f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4019c21d0548b6f800bb18b07e02dbd423cb1735d243e910d14a734ce9953f8c
4029748d94d28184c8695eee95ac5c05567dc89fd5e64f961f2a581595b85f6a
40fb822786eeb5727b7b76e4b8fae42a204c2420fc1a1138fe26c3663713dc64
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
450e63e973d0f13d050e0668366079203ff6a3029b4d8a101d06fd606284adc5
45d34bfd3325f274af5887cb4e00c38b978798e12218bb27afc5bf8fbef17bdb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4771b6e6d80480ff9d9ca116255b55e6a618fe445961840333b32a1315255e50
478b848ad4901208d607bd872101cba7605aac963ccd5b204e9849e49285c479
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e609cb951cc90235ec4ba644699475f9dbd6d2d685d77aa6d5de628d61845a
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49353af271b330cd455e55df7b96e606f79f95dfae285c63c9836d4afacc4fdb
4a29ceb425d054195d839672011fabe9a5bd1af1f7cac8bbba4eec1ac3955950
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7432396eda31862e90f1036288760df11037f2098010717db85de692c76164
4b7438d8b0b18bfbf32dc84a475493497b57f9e14ca96cdcbaf4341ed43312a2
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
4c23865d180f804df030e56f4d06adfdbefc2e8720b8553596036387e23ab9b2
4d6ba5913127b81a76b25ab72bd7352876690efb0e42d1825f7618b5cbd52f85
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692
4ed6110c7b4c370b9850df3925474c2abc41b46f5fba6a159138da8d505575ed
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fdfc2005aff2705bf2ebe658f396d2bdc7eaf312ea35d03ec300d0a4a373621
507acc179bfa7c929b83831d028f83b5fa85a02c9426588657ece1da51ae6b43
509ef6cbf39ac9f7498c733a3b4699bfa113ff0ec1950f2d72245a52fc8039b6
50dbe4629a7faf36662da5028d0286b5209d4ba33f8ce508c19e176e65d49bb2
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54543d4f0097145efe0383890d385a073eb5a36d04fb57a8655a80301da4f171
551306234d9946712a8a723c859ae564f39848aafce51ff78c25cb1ae0842554
5532eaed315fd695a665a8f4d4fca1797cfd97b26ffc0acd93f71a1794e7ecd8
56b1c88c8b62434e59549e320901886f86e83f95d09c13e20ab2bcdff03443a2
57837c8c9030b13099ca823a3ea80570b287ccb7d5d532ea0638e4ed847e27d3
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
59b71b192ab7d1f6499c046138f9cb3c954dfbf618f265907c4c7df049cd78dd
59eb2597946aa8c95434f9ae866a18d834a05d0a1ee096c5a649f59ab1de81e6
5a9964d2c400d0e6c1b7fef236ffb9eb74b5c1b69fc38c1ab51804750422ff8e
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5bcee7a61c2166a0a79833e30496d4dc21e5cf2e917e519584bb818035fd8a01
5ce31c9e5bb3366c302a94cc52f911a6540e6bc97092a73007265edad789b700
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b
60d56367b142a937632bd2a539e4ee374db577563956f470db4a83d579a8ea33
611dbfe2dff7e4e45b65030f4d49644d83eb5b27c5ec0a139bbf3140e72d6bb0
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6702a47aa83925ff2518e67f77686353b42784bc15344e2351630e9d4a9c94d4
67ac4c2976f738cbb4b218b8ffce20a613350aa7a83964978f73732682df1fe7
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463
6ac23a2c3debd2714f1b1c1a38978aaca953d73d8cdf399262b0c0db1eac15b8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1ebb00d0ce17515cb7a55ebb6a4e6a859e04f992074e5adedc8790014d5db8
6b1f4c68840bead4eee39c1f6c606186540f361d1b06f45961d5e6a346e9978c
6bc54bbcbdd29887d2267d3fcece5237ca9ab58cb12bdef899f65b79f69d7654
6c253deaf9f11c65430a5d88e297652ff909d5fba8554309e7d7c0d402981f37
6cb71945ce5e4010cfe0b8731f9ae974a360094baedd4caf6851657d023a0868
6ee63ffdcfa0a90d3f0ca89557eccb2c0e115f8e5aa9cddd3def8e0aa46c8692
6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0
6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991
70581469cad36af8c20af634aec3143e9dada729daa893ca1a182dfde6dfca9f
709ce82adb613a29043fe6a6cd62f839d821b07308311298dbf55bafa5148c5f
71c61f2dfa7f304323163478fe9e1bc1cfe3910382a43142b55f61be5af8c670
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
736f6b52673d572c60fbe1bd2adb990616435bccb1768c320d273a617e97e48e
738d4c7e29f7fc5a24c610c2627a1fc6cfc401ad072fcdf270c5129d25e347a0
747dca702ebf4e0af93d9f328eb715bdfe8b46c4dde12f85801bf9efb6b69711
74ef1019e1feb14ce9e35e3100d74f5bdbcf6cf88610f2a0cfdfd6ac3639a0ef
759c253fc9b8e853c08f1c897ea15c058e12ac4cca0dd7a2c18c8119a9d33421
75f83da73873b66b78eab7f68898fbcff2cc351f015f6cc7da8b6a675ba956af
76176641f04073c7bbe3b12005248c0493cb24d64ea73e18fc82d414219bcf00
766fb669cff8eeacb41ffa793bd2ec889dfef271615b6b147e9735430b091d9f
775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4
776d5ee49a2eb882263aa60b36d2470c1c1c81c77b29d765b86f9afd5e437adb
7af59f6e1af5ff207fdf5079363a3660bf9139eb4c70e6e7cf7d8f4a2b2c9481
7db4cc68c102ecfbcbc49b62e6dba51cd9bf57bf080fb022ee560e79193f817f
7e1e2c86c0c874e7ae8635ac7f7060d698b7e967a4ebfe7177d68fb2a5eb97db
7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782
7f91f510bf434dc755bdc34f34662d421c483e144a31f09cb0f9a18a79a6b615
80627bee1c974558a5409a1be1ede96a1c9794307d143c2d91fa6024907cf375
8114ac25e02b6f5f0284f77adbc83eac75b3cd437f7c36df800043cec4c2a6bd
82b46b23fab2bbaa5c4a40db130fb598b848a304e15228e6b053c4f6e1a0437c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
842f79ad5f2dc0b38f7d7fe88ef199f238a7ff01d1d7e0eb5671f3add33e7f5a
854228f9c07bc1adf5cc92cb46023f12a84189325c907ed188dd7bca86cbf2b0
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b
877c319b8a36e65249be764ce80ef3891edd45848ba3627b95c7499feb0be48d
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
88b5d3d3501a35e93441969a766d4cdf3d9f5d87d4534e13d1d7d64793cc6006
88bc30605c8d737cbe84860cbbdbe49973cc102be3daa4222c824725df74fbc3
8c7b40ea1549e7fcc5ef244636575ead590880097216718b0ec6f30f3f42e18b
8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8fc230deb1df33d4975b34a6121f3e81f6b8d1028f34b91f7c8cadedf8157f6c
902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
90d3a6dfecc505f3ecc370ebba908aae85b325b408f43eda8094ca9d70c4b64e
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
95c1905d6f9676d998f6b9383c6dd1563451e47fee4ca94ba5a2016c7384e533
9659dc6db64ba0d3843f9922284b6d880f3123aebd75e40916bc99d6b1276025
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
96bb900ecd2c69b403611de7edc024e0af7f4d9c27a9f20dd30cde67053a0ca1
971a755a656fa51f00115c69b1e4d52726abe38486fb72f190b28f91d72da7d2
974bd0ea76eacc8547f071714a0d7b1bd16d933c99a5aad60a884d675ed67980
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99421b40f443184550985570b0be696135f3d6a5b7cad183cbd1486160b11524
9abe36a97e71f63ed5b12f153574f90a80c49470f72ab06a0466a21432445967
9cbc1c74ab88d900ab8c11985f9188ffa5599cd2a3b76f091b6faefd9b46c75a
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
9f42fc5d8f8c33838ce19c2e9e5fb47007ed9a594ec04152dc677df37349d8c0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a21cb0da011f7f504e66e69b7136a2063ce68d6354a2d10b7cb783f6ca09e2a3
a2d3e48900f4680ad94aad4f198125d9a80ede15a94dec5a3f281b2780e52df2
a2fa22e4ec07e2727d4d4bc2256e84153b63d770671f776e9bc3e465d40955fc
a3d802214cdaf6276aa13b5b161820bbc80660cf9429124233334b07a2d7978e
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a7beb23c181a7b6a3f061c95e1ee46960073d3cc8381bbf780e686b5c230f6ee
a9783394b55602596983034351126d66a03c4fff21bd4109f536dc90eab7fb9e
aa3ebe966a050c4716fb681161db8c5e3c966e7eef21dbc7dae3a79fd33bd535
ab84b1e93fa26d4f95c1beafb16864d68ed7baec6ccd02ec40537f901e5f1706
ac2b0b24d095a1cbd0b3a8a099a9df8c82013e2901a7a46a0a47c1b50d941e05
ac3823427caf793cc128de0953717514b32475897dfaae29355110c69a578ec5
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aeadcdf0eb9f4e120c4e645ae666214d4bc179d68a887eaedbd199c1fa09d9ca
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb2910cd48baced09fe077e4d1235f420a5d54e3ea77d3486dab47808a1c7fc
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
b2fa9e3dae5dbbeff1a290230de82cadb5d0e616fd1600fab1dbd448a383d9a9
b30e332b569a4d1d3e934db078b1548179ceb8de1c861f521f7c9f8c46433501
b32727c03906e98b0935c7d907b46ce259901e7b2d54daa7eddc76e440cee8fe
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b46cd91a010005c7903fa99700bd9b3c1067abc7637ce7ba95ebf7cf8b7c621a
b47c015ef4aa39c3a3bd1c0e61b78a362027892650a3d892cfa9ae812fe40dce
b4cabad8f7acd53a124327c82d6f16ad3eb6bed29b3b181d79bc712884ab66a5
b5d936e8f69e1be113998144e31013a6796c748b3934aad2fa9b54c35955bf9a
b64321fd8b690c2b58b4a8f3959e97720b3db0350445ec3947e2e8cc3409107c
b7a28df9fd8e8ad450daac5b094b18098193278b633705067d357e5332b5715e
b7a4a28bcf0655818ebaac8a278b79ac019b956c6d42ccbf1b7cd47987a56b7b
b7c0515d686fcba9fcc6630d96fb9b37c3e3de1bb867f0fec81bbd6c0a02151a
b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e
b8bbdea0231ca9ac54813d067a86ea8a7f0c5b9a38e53fb3efb9841bd159bcbb
b9c3b964443437025fd23526c4bd322bdd844c4c2fbc2609e6f35704305faf2d
b9f6160b7ea7d0645d6201d24919b7289061f8d021e3c245ad5dd7b00ec66ff2
bb12f1b9b6d3171f23ada2b0c61fc393ea0dd63a2fe558efc7530f1565cf53e6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bdd8a03d4f991abc68b26860acf789b9ab8b01bdb33b59a9f5861e68ca07f6b1
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
bf041f84fdabf5b01ec7a65485603bb73b8e4c6bbe082fdcb02ad5484a963b3a
bf6eb82493b60f74e736c5886981564fcdb45f75ecaa44c6290008bbf323440b
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c162c24d025b506f8ff57152e97304543407b48524ae2f60d8511450907f2ecf
c178398ef82510f868f44c74e911948d2e8c4b97b2242ba0472462ff67f0303e
c1b9adf8339750ad910b2316ceabb71d5e180c2afd37fa69d529601c3f396fd7
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
c48be05c166fb4074712158f9c90bd8a54fc5bb2ff60fd3277a7b5196ccc7683
c4adb585bf236d81bd0243e705b1c7692b1d3d3a1531f29222edf5fde4a8f85f
c62c1262a3980cc998af26426f784de47bba0a94eb43c20e6cd328cc2fad7f9a
c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea
c6e3295c85d94b5773e851970bfa0736393d34995e5b360ff8b26c8abd054526
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc471ee0f572578df74acf3d6a20d16875d27aa5f5131e271fb4e4de72201a8a
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9991005729b8aeaa16ece0906e19a7a3016e183e2e605cd53a1aecdd1b2c80
cf9a3cb0e83892ace23312c3579b18f4b375ddefb773d7196947f8fb4a958972
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d017589fa69958fa0c56326427020cffafb942f39a0d95abd1f81bfb8ee24bc9
d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d09a661a5c0272509f4b4189bbf011ba0d535abc7d086af9e80c649cf7a48f63
d0c3fd27793b4ad3d96fb90fe9eaa3a9e9ffb9c1ef559c56e1d1516c70390cbe
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1d2695d0c112c9d5b23ef14a49b65ceb35c97a345fb51e1d9cd9fc40befb651
d223768c8c211c108349645cb062a9dcdb5456e9abc8c6a36eb06366db6fbd5a
d231dab03e0f5f208538cec3a7809ccafe18021983a419c628ecda4b02fa5998
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d324e696d8eff869aba1a11fb57ee5ff41d486c1f4c0a4c41e70c705e8194cbd
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
d41871d2894dc875d0dad73822efe7d3d43c459d53dde0e0d2006cd5c7427e75
d44483addf892d0b839205f58ba775533f62e867bba1f2dfa51ed123b4d690db
d4ed05f61d36bdb02fec1df443c9157fe21428f5075a159ff9abf4a4e32e0dd9
d60664bf06593ab62b851e1a308da845baffdd53d5558a879da2ca09ef4995be
d74840ccc975374b516080bcc2767782fa3845f14cc8e6ab88d00084ce3795dd
d7519a2072da56ecf3d5fb43f93b16ffa35bac03ac976f4ab12f5c963243bd17
d7892e60168bfc032a138022b791574fd2f6293d20ad3f9fbb5ab78d0e0d19b9
d7ae5a16c1890c44613e6e40818266e052783bbbd2b202836a5a7e014ece53a6
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3
d8d9c349e2a698ffd9173634f3510a5f0809c6f27ef2d7d606240b65b3e21ee3
da417b10878ef530228ad8bf0950fbb2cb5471a51aea7491d508af71ba394f09
da8b00f157aa030065e2d6a06149909cd367c6ebe8613a0ee506e636b1f7aae0
dcc78af1790459c45719d2904ebb8d7de7afa98c65d553d5694376f7c563101e
ddc041cd2ffa47bea44617869730c0b26a1d4a6a9ef2de99638a067d1de25ea8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
dee32c544c24688ffa777c45da3380a2caba8029e1b91d92d34b10b8cfecf881
e039eaa1014ce5fbd0c096b926dfddc8e3fb9e459dcb8a60575df8cc1a4f5cc0
e0e712940af9f91087b951cd6475c117c6f478d73e5227b9a9171e76cf2deaaa
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72
e24f4435ed44c776ecd6169210d9b1b0eab440299182a8519027e7b1d59cbf96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f422ae8bc9e4874e20a1d051cc2cde9a2e2f0e84d8a4ef84a82d90b3b5cc79
e42cf3976b8c8bef71d2ecf2eb176043d2307d4506590b878d4d5788ebbab233
e4e03fbe66c13e33252842f0a6001c66bcfd1bb15f0f05bf101c8db63b5fe811
e55a66876be723dbcc8eba884037f31f46384fe47f3f6106c23d83c718cdc516
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e66551eebdaa1838d6a95826d6daccef70d7abd6efbba56a7849b30a6beb00ec
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d
e942c073069728b6b8c042eb356a093d31afb1b84da7c8bc77049a9a43d1cd77
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa
e9b1a3ef8a88c12787fec313c22dd882e13a5e9f231200e912cc382a1fa351f8
ec0d8435d5d30bc297e0b2db3f87fe8fc998b3440d56f33205e702c57a84443d
eccca3a8f1f0a223cb70c266eb49f81499a54e21424f54e495199d20cdbc44c2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d
f27df02646b039f3416255bfd9722fc82e64ce1ea9bf34443da85cf4a681d194
f2af01c7f702a43aac8fc6b9a28e8bab64c460dcce821b1be1e4770d9d425730
f2c98a4e15dd52882dca689462634bd640af1c43ed09a74bd70a4fed3d7eba54
f67929606820f003a6fa9a1dfdad35cbc9942639084c211444a4dea01568c48e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6cee1ec9998e38cff16e5acd386d4b4b420bf291b15dcda7df2e4466f876e89
f71c0aac9d0e7abb32cd8ed1dafa96062b10b692338e59e1918798aee1b3a641
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fcb60d1bf016f82cffdb924d90fb89f2fbb6688e366fabf4020035b9adc7d923
fe76301e439f1fa7e524181294abb6fc4c8a0231b64ccb66c90f890f4313a13e
ff662943a24fb10f26be94401b2122363fa8a18960f03d53609fff7fc826e934