globoplay.globo.com Open in urlscan Pro
131.0.25.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Submission Tags: demotag1 demotag2 Search All
Submission: On January 03 via api (January 3rd 2022, 6:55:10 pm UTC) from US — Scanned from DE

Summary HTTP 354 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 100 IPs in 10 countries across 61 domains to perform 354 HTTP transactions. The main IP is 131.0.25.109, located in Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is globoplay.globo.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on September 20th 2021. Valid for: a year.

This is the only time globoplay.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	131.0.25.109 131.0.25.109	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
10	186.192.90.3 186.192.90.3	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
11	186.192.91.5 186.192.91.5	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	186.192.91.9 186.192.91.9	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
4	201.7.182.243 201.7.182.243	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	131.0.25.90 131.0.25.90	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	186.192.81.62 186.192.81.62	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	131.0.25.59 131.0.25.59	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
12	2600:9000:211... 2600:9000:211e:2a00:8:e35d:8840:93a1	16509 (AMAZON-02) (AMAZON-02)
1	186.192.90.11 186.192.90.11	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
2	131.0.25.68 131.0.25.68	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
2	2606:4700:303... 2606:4700:3035::ac43:9e15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	2606:4700::68... 2606:4700::6810:df3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
6	201.7.182.142 201.7.182.142	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
20	184.30.24.194 184.30.24.194	16625 (AKAMAI-AS) (AKAMAI-AS)
11	52.19.142.33 52.19.142.33	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	13.32.27.16 13.32.27.16	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
9	2.16.186.234 2.16.186.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 5	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
5 6	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
6	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
4	2600:9000:205... 2600:9000:2057:600:1a:6635:8d40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.147 178.250.0.147	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	52.72.241.250 52.72.241.250	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	186.192.81.117 186.192.81.117	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	143.204.215.8 143.204.215.8	16509 (AMAZON-02) (AMAZON-02)
2	13.35.253.86 13.35.253.86	16509 (AMAZON-02) (AMAZON-02)
3	3.233.108.24 3.233.108.24	14618 (AMAZON-AES) (AMAZON-AES)
7 16	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	13.35.253.69 13.35.253.69	16509 (AMAZON-02) (AMAZON-02)
4 4	3.94.40.153 3.94.40.153	14618 (AMAZON-AES) (AMAZON-AES)
4 4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	13.35.253.75 13.35.253.75	16509 (AMAZON-02) (AMAZON-02)
2 3	34.255.107.204 34.255.107.204	16509 (AMAZON-02) (AMAZON-02)
2 3	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
7 15	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
14	186.192.91.2 186.192.91.2	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
4	54.87.32.120 54.87.32.120	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	131.0.25.125 131.0.25.125	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1 2	35.241.57.45 35.241.57.45	15169 (GOOGLE) (GOOGLE)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.121.106.122 3.121.106.122	16509 (AMAZON-02) (AMAZON-02)
2 3	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	34.240.183.205 34.240.183.205	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
4 4	3.67.18.150 3.67.18.150	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:211... 2600:9000:211e:7800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	18.197.84.79 18.197.84.79	16509 (AMAZON-02) (AMAZON-02)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	54.155.208.14 54.155.208.14	16509 (AMAZON-02) (AMAZON-02)
1 2	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.102.166.132 34.102.166.132	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	104.225.98.129 104.225.98.129	36236 (NETACTUATE) (NETACTUATE)
31	2607:f740:e61... 2607:f740:e619::1	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
5	163.171.245.214 163.171.245.214	54994 (QUANTILNE...) (QUANTILNETWORKS)
5	68.142.70.14 68.142.70.14	22822 (LLNW) (LLNW)
5	2600:9000:214... 2600:9000:214f:4a00:1b:9b5:7e00:93a1	16509 (AMAZON-02) (AMAZON-02)
5	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
2	35.190.26.57 35.190.26.57	15169 (GOOGLE) (GOOGLE)
2	52.29.156.167 52.29.156.167	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	151.101.192.65 151.101.192.65	54113 (FASTLY) (FASTLY)
4	2.16.187.144 2.16.187.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
4	107.154.192.225 107.154.192.225	19551 (INCAPSULA) (INCAPSULA)
4	192.229.220.19 192.229.220.19	15133 (EDGECAST) (EDGECAST)
3	186.192.80.13 186.192.80.13	() ()
354	100

1 131.0.25.109 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-109.prt.globo.com

globoplay.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 186.192.90.3 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-90-3.prt.globo.com

s3.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 186.192.91.5 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com

s.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.91.9 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com

s2.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 201.7.182.243 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)

cocoon.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 131.0.25.90 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-90.prt.globo.com

globo-ab.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.81.62 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-62.prt.globo.com

tags.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.0.25.59 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-59.prt.globo.com

stream.push.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:211e:2a00:8:e35d:8840:93a1 (United States)

ASN16509 (AMAZON-02, US)

jarvis-aws.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.90.11 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-90-11.prt.globo.com

security.video.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 131.0.25.68 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-68.prt.globo.com

horizon.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:9e15 (United States)

ASN13335 (CLOUDFLARENET, US)

tcc.cdn-trunomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tcc-apikeys.cdn-trunomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:df3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 201.7.182.142 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)

usergate.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 184.30.24.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.19.142.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.27.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-16.fra56.r.cloudfront.net

app.shoptarget.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
front.shoptarget.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.16.186.234 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-234.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.184.10.30 (Poland) 2 redirects

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ash.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.230 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

8622355.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:600:1a:6635:8d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

script.fixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.147 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.72.241.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-241-250.compute-1.amazonaws.com

api.fixelapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.81.117 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com

horizon-schemas.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-8.fra53.r.cloudfront.net

click.retargeter.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-86.fra6.r.cloudfront.net

static.shopback.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.233.108.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-108-24.compute-1.amazonaws.com

poscompra.shopconvert.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 7 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.35.253.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-69.fra6.r.cloudfront.net

ckies.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.94.40.153 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-40-153.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-75.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.255.107.204 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-107-204.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.89 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

cm.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 7 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 186.192.91.2 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-2.prt.globo.com

s02.video.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s01.video.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s03.video.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.87.32.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-32-120.compute-1.amazonaws.com

api.shopback.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.0.25.125 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-125.prt.globo.com

horizon-track.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.57.45 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 45.57.241.35.bc.googleusercontent.com

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.106.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-106-122.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.11 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.183.205 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-183-205.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.67.18.150 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-18-150.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.84.79 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-84-79.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.208.14 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-208-14.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.136.78 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.166.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.166.102.34.bc.googleusercontent.com

ad.tpmn.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.98.129 (Amsterdam, Netherlands)

ASN36236 (NETACTUATE, US)
PTR: 129.98.225.104.ptr.anycast.net

i2-hiiowgkgxiflgapmgoiiolydxhibgn.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2607:f740:e619::1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 163.171.245.214 (United States)

ASN54994 (QUANTILNETWORKS, US)

p41683.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.142.70.14 (United States)

ASN22822 (LLNW, US)
PTR: https-68-142-70-14.any.llnw.net

limelight-ssl.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:214f:4a00:1b:9b5:7e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

p29.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)

cdnetworks.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.26.57 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 57.26.190.35.bc.googleusercontent.com

benchmark.1e100cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.156.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-156-167.eu-central-1.compute.amazonaws.com

p33246.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cedexis-test.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.192.65 (United States)

ASN54113 (FASTLY, US)

fastly.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.187.144 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-187-144.deploy.static.akamaitechnologies.com

p34247.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

hwcdnssl.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.154.192.225 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.192.225.ip.incapdns.net

incapsula-cdn.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.220.19 (United States)

ASN15133 (EDGECAST, US)

vdms-ssl.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 186.192.80.13 (None, )

ASN- ()

live.video.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	cedexis-test.com p41683.cedexis-test.com limelight-ssl.cedexis-test.com p29.cedexis-test.com cdnetworks.cedexis-test.com p33246.cedexis-test.com fastly.cedexis-test.com p34247.cedexis-test.com hwcdnssl.cedexis-test.com incapsula-cdn.cedexis-test.com vdms-ssl.cedexis-test.com	444 KB
36	glbimg.com s3.glbimg.com s.glbimg.com p.glbimg.com s2.glbimg.com s02.video.glbimg.com s01.video.glbimg.com s03.video.glbimg.com	3 MB
36	globo.com globoplay.globo.com cocoon.globo.com globo-ab.globo.com tags.globo.com stream.push.globo.com jarvis-aws.globo.com security.video.globo.com horizon.globo.com usergate.globo.com horizon-schemas.globo.com horizon-track.globo.com live.video.globo.com	61 KB
33	cedexis.com 1 redirects radar.cedexis.com rpt.cedexis.com	27 KB
30	google.com 7 redirects fundingchoicesmessages.google.com www.google.com adservice.google.com	68 KB
28	doubleclick.net 16 redirects 8622355.fls.doubleclick.net pubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net	17 KB
23	krxd.net 4 redirects beacon.krxd.net cdn.krxd.net consumer.krxd.net usermatch.krxd.net	208 KB
20	tiqcdn.com tags.tiqcdn.com	45 KB
17	google.de www.google.de adservice.google.de	2 KB
11	criteo.com 5 redirects dynamic.criteo.com gum.criteo.com mug.criteo.com sslwidget.criteo.com widget.us.criteo.com dis.criteo.com	17 KB
9	tiktok.com analytics.tiktok.com	72 KB
8	yahoo.com 1 redirects cms.analytics.yahoo.com ads.yahoo.com ups.analytics.yahoo.com sp.analytics.yahoo.com	3 KB
7	google-analytics.com www.google-analytics.com	20 KB
6	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	6 KB
6	shopback.net static.shopback.net api.shopback.net	49 KB
6	facebook.com www.facebook.com	751 B
6	creativecdn.com 3 redirects us.creativecdn.com cm.creativecdn.com ash.creativecdn.com	3 KB
6	navdmp.com 1 redirects tag.navdmp.com usr.navdmp.com cdn.navdmp.com sync.navdmp.com	6 KB
6	googleapis.com imasdk.googleapis.com firebaseinstallations.googleapis.com firebaseremoteconfig.googleapis.com	270 KB
5	shoptarget.com.br app.shoptarget.com.br front.shoptarget.com.br	18 KB
4	advertising.com 4 redirects pixel.advertising.com	1 KB
4	ckies.net ckies.net	1 KB
4	fixel.ai script.fixel.ai	8 KB
3	demdex.net 2 redirects dpm.demdex.net	3 KB
3	shopconvert.com.br poscompra.shopconvert.com.br	8 KB
3	fixelapp.com api.fixelapp.com	1 KB
2	akamaized.net cedexis-test.akamaized.net	594 B
2	1e100cdn.net benchmark.1e100cdn.net	366 B
2	3lift.com 1 redirects eb2.3lift.com	734 B
2	addthis.com cw.addthis.com	854 B
2	tapad.com 1 redirects pixel.tapad.com	894 B
2	mgid.com 1 redirects cm.mgid.com	1 KB
2	mediawallahscript.com 1 redirects partner.mediawallahscript.com	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	360yield.com 1 redirects ad.360yield.com	854 B
2	1rx.io 2 redirects sync.1rx.io	950 B
2	rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	453 B
2	rlcdn.com idsync.rlcdn.com	704 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	734 B
2	googletagmanager.com www.googletagmanager.com	78 KB
2	facebook.net connect.facebook.net	114 KB
2	cdn-trunomi.com tcc.cdn-trunomi.com tcc-apikeys.cdn-trunomi.com	80 KB
1	cedexis-radar.net i2-hiiowgkgxiflgapmgoiiolydxhibgn.init.cedexis-radar.net	1 KB
1	pubmatic.com simage2.pubmatic.com	678 B
1	tpmn.co.kr ad.tpmn.co.kr	600 B
1	openx.net us-u.openx.net	274 B
1	smaato.net s.ad.smaato.net	239 B
1	media.net contextual.media.net	781 B
1	taboola.com sync-t1.taboola.com	231 B
1	outbrain.com sync.outbrain.com	476 B
1	kargo.com crb.kargo.com	360 B
1	googlesyndication.com pagead2.googlesyndication.com	29 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	497 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	bluekai.com 1 redirects stags.bluekai.com	716 B
1	googleadservices.com www.googleadservices.com	14 KB
1	retargeter.com.br click.retargeter.com.br	355 B
1	criteo.net static.criteo.net	13 KB
1	gstatic.com www.gstatic.com	15 KB
0	nexac.com Failed r.nexac.com Failed
354	61

	Domain	Requested by
31	rpt.cedexis.com	s3.glbimg.com
20	tags.tiqcdn.com	tags.globo.com
16	www.google.de	globoplay.globo.com
16	www.google.com	7 redirects globoplay.globo.com
15	googleads.g.doubleclick.net	7 redirects www.googleadservices.com
12	jarvis-aws.globo.com	s3.glbimg.com
11	beacon.krxd.net	tag.navdmp.com globoplay.globo.com cdn.krxd.net
11	fundingchoicesmessages.google.com	tags.globo.com s3.glbimg.com
10	s.glbimg.com	globoplay.globo.com s.glbimg.com s3.glbimg.com tags.globo.com
10	s3.glbimg.com	globoplay.globo.com p.glbimg.com s.glbimg.com tags.globo.com s3.glbimg.com
9	analytics.tiktok.com	tags.globo.com analytics.tiktok.com
8	s03.video.glbimg.com	globoplay.globo.com
7	www.google-analytics.com	tags.globo.com globoplay.globo.com
6	www.facebook.com	globoplay.globo.com
6	cdn.krxd.net	tags.tiqcdn.com cdn.krxd.net
6	usergate.globo.com	s3.glbimg.com
5	cdnetworks.cedexis-test.com	radar.cedexis.com cdnetworks.cedexis-test.com
5	p29.cedexis-test.com	radar.cedexis.com p29.cedexis-test.com
5	limelight-ssl.cedexis-test.com	radar.cedexis.com limelight-ssl.cedexis-test.com
5	p41683.cedexis-test.com	radar.cedexis.com p41683.cedexis-test.com
5	gum.criteo.com	4 redirects static.criteo.net
4	vdms-ssl.cedexis-test.com	radar.cedexis.com vdms-ssl.cedexis-test.com
4	incapsula-cdn.cedexis-test.com	radar.cedexis.com incapsula-cdn.cedexis-test.com
4	hwcdnssl.cedexis-test.com	radar.cedexis.com hwcdnssl.cedexis-test.com
4	p34247.cedexis-test.com	radar.cedexis.com p34247.cedexis-test.com
4	fastly.cedexis-test.com	radar.cedexis.com fastly.cedexis-test.com
4	pixel.advertising.com	4 redirects
4	ups.analytics.yahoo.com
4	api.shopback.net	s3.glbimg.com
4	s02.video.glbimg.com	globoplay.globo.com
4	ad.doubleclick.net	4 redirects
4	cm.g.doubleclick.net	4 redirects
4	usermatch.krxd.net	4 redirects
4	ckies.net	s3.glbimg.com
4	script.fixel.ai	tags.globo.com s3.glbimg.com script.fixel.ai
4	us.creativecdn.com	2 redirects tags.globo.com tags.tiqcdn.com
4	cocoon.globo.com	s.glbimg.com s3.glbimg.com
3	live.video.globo.com
3	secure.adnxs.com	2 redirects
3	ib.adnxs.com	2 redirects us.creativecdn.com
3	dpm.demdex.net	2 redirects
3	adservice.google.com	8622355.fls.doubleclick.net globoplay.globo.com
3	poscompra.shopconvert.com.br	app.shoptarget.com.br poscompra.shopconvert.com.br s3.glbimg.com
3	api.fixelapp.com	s3.glbimg.com
3	app.shoptarget.com.br	tags.globo.com s3.glbimg.com app.shoptarget.com.br
3	cdn.navdmp.com	1 redirects tag.navdmp.com globoplay.globo.com
3	globo-ab.globo.com	p.glbimg.com s3.glbimg.com
2	cedexis-test.akamaized.net
2	p33246.cedexis-test.com
2	benchmark.1e100cdn.net
2	firebaseremoteconfig.googleapis.com	s3.glbimg.com
2	firebaseinstallations.googleapis.com	s3.glbimg.com
2	eb2.3lift.com	1 redirects
2	cw.addthis.com
2	pixel.tapad.com	1 redirects
2	cm.mgid.com	1 redirects
2	partner.mediawallahscript.com	1 redirects
2	r.casalemedia.com	1 redirects
2	sp.analytics.yahoo.com
2	x.bidswitch.net	1 redirects
2	ad.360yield.com	1 redirects
2	dis.criteo.com
2	radar.cedexis.com	1 redirects
2	s01.video.glbimg.com	globoplay.globo.com
2	sync.1rx.io	2 redirects
2	idsync.rlcdn.com	globoplay.globo.com
2	sb.scorecardresearch.com	1 redirects globoplay.globo.com
2	static.shopback.net	app.shoptarget.com.br static.shopback.net
2	front.shoptarget.com.br	s3.glbimg.com
2	consumer.krxd.net	cdn.krxd.net
2	pubads.g.doubleclick.net	globoplay.globo.com
2	8622355.fls.doubleclick.net	1 redirects tags.globo.com
2	www.googletagmanager.com	tags.globo.com www.googletagmanager.com
2	connect.facebook.net	tags.globo.com connect.facebook.net
2	horizon.globo.com	globoplay.globo.com
2	imasdk.googleapis.com	s3.glbimg.com
1	i2-hiiowgkgxiflgapmgoiiolydxhibgn.init.cedexis-radar.net	s3.glbimg.com
1	simage2.pubmatic.com
1	ad.tpmn.co.kr
1	us-u.openx.net
1	s.ad.smaato.net
1	contextual.media.net
1	ads.yahoo.com
1	pixel.rubiconproject.com
1	sync-t1.taboola.com
1	sync.outbrain.com
1	crb.kargo.com
1	horizon-track.globo.com	s3.glbimg.com
1	pagead2.googlesyndication.com
1	widget.us.criteo.com	globoplay.globo.com
1	sslwidget.criteo.com	1 redirects
1	adservice.google.de	adservice.google.com
1	ash.creativecdn.com	us.creativecdn.com
1	cm.creativecdn.com	1 redirects
1	mug.criteo.com	globoplay.globo.com
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.navdmp.com	globoplay.globo.com
1	cms.analytics.yahoo.com	1 redirects
1	pixel-sync.sitescout.com	globoplay.globo.com
1	token.rubiconproject.com	globoplay.globo.com
1	stags.bluekai.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	click.retargeter.com.br	s3.glbimg.com
1	stats.g.doubleclick.net	s3.glbimg.com
1	horizon-schemas.globo.com	s3.glbimg.com
1	static.criteo.net	dynamic.criteo.com
1	dynamic.criteo.com	tags.globo.com
1	usr.navdmp.com	tag.navdmp.com
1	tag.navdmp.com	tags.globo.com
1	tcc-apikeys.cdn-trunomi.com	s3.glbimg.com
1	tcc.cdn-trunomi.com	s3.glbimg.com
1	security.video.globo.com	s3.glbimg.com
1	stream.push.globo.com	globoplay.globo.com
1	tags.globo.com	s3.glbimg.com
1	www.gstatic.com	globoplay.globo.com
1	s2.glbimg.com	globoplay.globo.com
1	p.glbimg.com	globoplay.globo.com
1	globoplay.globo.com
0	r.nexac.com Failed	globoplay.globo.com
354	119

This site contains links to these domains. Also see Links.

Domain
centraldeajuda.globo.com
ajuda.globo

Subject Issuer	Validity	Valid
globoplay.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-20` - `2022-09-20`	a year	crt.sh
s3.glbimg.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-30` - `2022-05-30`	a year	crt.sh
*.glbimg.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-06` - `2022-06-06`	a year	crt.sh
cocoon.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-15` - `2022-10-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
globo-ab.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-08-15` - `2022-08-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tags.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-10` - `2022-09-10`	a year	crt.sh
stream.push.globo.com R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
jarvis-aws.globo.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
*.video.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-26` - `2022-10-26`	a year	crt.sh
horizon.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-11` - `2022-11-11`	a year	crt.sh
*.cdn-trunomi.com R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
usergate.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-08-28` - `2022-08-28`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-13` - `2022-01-11`	3 months	crt.sh
*.shopback.net Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
script.fixel.ai Amazon	`2021-03-29` - `2022-04-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
api.fixelapp.com Amazon	`2021-09-19` - `2022-10-18`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
horizon-schemas.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-04-17` - `2022-04-17`	a year	crt.sh
*.retargeter.com.br Amazon	`2021-07-28` - `2022-08-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
ckies.net Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.video.glbimg.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-07` - `2022-06-07`	a year	crt.sh
horizon-track.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-11` - `2022-11-11`	a year	crt.sh
*.dev.kargo.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-12-06` - `2022-01-26`	2 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
ad.tpmn.co.kr GTS CA 1D4	`2021-12-30` - `2022-03-30`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.init.cedexis-radar.net Go Daddy Secure Certificate Authority - G2	`2019-11-14` - `2022-01-13`	2 years	crt.sh
radar.cedexis.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-09` - `2022-08-09`	a year	crt.sh
p41683.cedexis-test.com R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
limelight-ssl.cedexis-test.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-28` - `2022-07-06`	a year	crt.sh
*.cedexis-test.com Amazon	`2021-11-16` - `2022-12-14`	a year	crt.sh
p36.cedexis-test.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-28` - `2022-07-06`	a year	crt.sh
1e100cdn.net GTS CA 1D4	`2021-12-20` - `2022-03-20`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
fastly.cedexis-test.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
p34247.cedexis-test.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2022-12-01`	a year	crt.sh
p45890.cedexis-test.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-28` - `2022-07-06`	a year	crt.sh
vdms-ssl.cedexis-test.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-27` - `2022-06-01`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Frame ID: A4A681546AF3888FDC090A1F4B19B08C
Requests: 263 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&sr=&ts=1641236102381&tc=1
Frame ID: 4C6DCE476AADDB6ED974C65838141FEC
Requests: 2 HTTP requests in this frame

Frame: https://8622355.fls.doubleclick.net/activityi;dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349
Frame ID: 69C8B018DC1F3E6801146477B97D788F
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT_offer_gHnkmg7Xvm&id=pr_1zSyBx00pXTGj9bZFsVT_custom_usergroup_desconhecido&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&sr=&ts=1641236102385&tc=1
Frame ID: 4DF88BEE942FA62FAE44231F33B820BF
Requests: 2 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 3A233EEB9CBF97CB2B46DAED5A7CC97E
Requests: 18 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=globoplay.globo.com&origin=onetag
Frame ID: D1D73CE9EE2A7911CEDE91E4DC5E0150
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349;~oref=https://globoplay.globo.com/
Frame ID: 73F1C0C76C2CAAD2A0E6777CB802123F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349;~oref=https://globoplay.globo.com/
Frame ID: DF3B4D33D6175ABC41C980F7611F0C86
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/?id=228148035774464&ev=ViewContent&cd[content_type]=product&cd[content_ids]=%5B%221443963264339834175%22%5D&cd[product_catalog_id]=289385879397894&cd[product_category]=0&cd[criteo_audience_3_0]=A3&cd[external_id]=87fff405-face-4048-ac89-2f6272ac0131&cd[application_id]=423936147658676
Frame ID: 4848D66CD67D24E4C90C56A1B16067BC
Requests: 1 HTTP requests in this frame

Frame: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=mwMTiAlD65qpmA0IB5-Oq54AgnDXt56Q
Frame ID: 4E893BF628DB9F4D91C1E179908C651F
Requests: 30 HTTP requests in this frame

Frame: https://p41683.cedexis-test.com/img/41683/iuni4.html?rnd=-1-1-23346-0-0-41683-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Frame ID: 5C6D91CEA0847E0B955CF5C3AEFFAC6A
Requests: 2 HTTP requests in this frame

Frame: https://limelight-ssl.cedexis-test.com/img/17003/iuni4.html?rnd=-1-1-23346-0-0-17003-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Frame ID: 368028336F32FE5B64C44BBEFCC67A7A
Requests: 2 HTTP requests in this frame

Frame: https://p29.cedexis-test.com/img/29/iuni4.html?rnd=-1-1-23346-0-0-29-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Frame ID: C199D704C177BC7C72D638EF24E0EC8C
Requests: 2 HTTP requests in this frame

Frame: https://cdnetworks.cedexis-test.com/img/17653/iuni4.html?rnd=-1-1-23346-0-0-17653-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Frame ID: D950A382AC8653E697F2528E5E6550AE
Requests: 2 HTTP requests in this frame

Frame: https://fastly.cedexis-test.com/img/20367/iuni4.html?rnd=-1-1-23346-0-0-20367-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Frame ID: 41D9D33DF04F1DFCEAE51565B9269C3B
Requests: 2 HTTP requests in this frame

Frame: https://p34247.cedexis-test.com/img/iuni4.html?rnd=-1-1-23346-0-0-34247-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Frame ID: 74B29D50AC7B4BA398EC7277B4FB1417
Requests: 2 HTTP requests in this frame

Frame: https://hwcdnssl.cedexis-test.com/img/17000/iuni4.html?rnd=-1-1-23346-0-0-17000-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Frame ID: E4F837F8F81EECBF8B81D890238220E4
Requests: 2 HTTP requests in this frame

Frame: https://incapsula-cdn.cedexis-test.com/img/32481/iuni4.html?rnd=-1-1-23346-0-0-32481-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Frame ID: 17FBAA06AE3C91C5872E69E254480B9B
Requests: 2 HTTP requests in this frame

Frame: https://vdms-ssl.cedexis-test.com/img/16999/iuni4.html?rnd=-1-1-23346-0-0-16999-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Frame ID: 9F79FC3FCFDBFFE900D15542809836A6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Assistir Malhação Sonhos online no GloboplayGlobo Privacidade

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

354
Requests

89 %
HTTPS

25 %
IPv6

61
Domains

119
Subdomains

100
IPs

10
Countries

4576 kB
Transfer

12438 kB
Size

84
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://centraldeajuda.globo.com/Globoplay/
Title: Ajuda

Search URL Search Domain Scan URL

URL: https://ajuda.globo/globoplay/web/produtos/
Title: Sobre

Search URL Search Domain Scan URL

URL: https://ajuda.globo/globoplay/app/globoplay-internacional/
Title: Ajuda

Search URL Search Domain Scan URL

URL: https://ajuda.globo/globoplay/termos-e-politicas/eu
Title: Termos e políticas

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&sr=&ts=1641236102381 HTTP 302
https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&sr=&ts=1641236102381&tc=1

Request Chain 82

https://8622355.fls.doubleclick.net/activityi;src=8622355;type=play;cat=allpages;ord=489684455190.349 HTTP 302
https://8622355.fls.doubleclick.net/activityi;dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349

Request Chain 86

https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT_offer_gHnkmg7Xvm&id=pr_1zSyBx00pXTGj9bZFsVT_custom_usergroup_desconhecido&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&sr=&ts=1641236102385 HTTP 302
https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT_offer_gHnkmg7Xvm&id=pr_1zSyBx00pXTGj9bZFsVT_custom_usergroup_desconhecido&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&sr=&ts=1641236102385&tc=1

Request Chain 90

https://cdn.navdmp.com/cus?acc=13574&cus=197685&img=1 HTTP 302
https://cdn.navdmp.com/img?acc=13574&cus=197685&img=1

Request Chain 142

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2xIeEFvcUM HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJbgIEQCEqjQzGG4_-joZc0&google_cver=1

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2xIeEFvcUM HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIXcS4-gL3NXQnOf9B776Cg&google_cver=1

Request Chain 144

https://stags.bluekai.com/site/26357?id=OlHxAoqC&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOlHxAoqC%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?_kuid=OlHxAoqC&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 145

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=nRuxvhP86iuXgt4rXuCYv7AD3qOTxNiD

Request Chain 146

https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OlHxAoqC&rn=1641236103 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OlHxAoqC&rn=1641236103

Request Chain 147

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OlHxAoqC&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OlHxAoqC&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=55215904391378571911515411323264510815

Request Chain 148

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID HTTP 302
https://beacon.krxd.net/usermatch.gif?adnxs_uid=2933844562998605552

Request Chain 151

https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OlHxAoqC&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID

Request Chain 152

https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OlHxAoqC HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-RNz4JUVE2puqYrtXdjWqA3lZYXs2v3ZUwQ--~A

Request Chain 153

https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
https://sync.navdmp.com/sync?prtid=30&salid=OlHxAoqC

Request Chain 154

https://sync.1rx.io/usersync/krux/OlHxAoqC?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/krux/OlHxAoqC?zcc=1&dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1641236102871 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-915757fd-7e60-49e6-8c20-1268cc76eab2-003?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3DRX-915757fd-7e60-49e6-8c20-1268cc76eab2-003 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-915757fd-7e60-49e6-8c20-1268cc76eab2-003

Request Chain 156

https://gum.criteo.com/sid/json?origin=onetag&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=globoplay.globo.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=NxpI63xKcW50T0crM3cvZXZ1QzMyN3FLMmlkZUxSWTlseHZCQTJndW56VmZhOEVqTkZaQmpoamd2YmFNU1VhQmcvZTdNNTRvcEZQMVkzSVdQOWxNYnRBSkM4K3h0ZWl5OXJuV095MjAwU0RKWlZWZ0lldm00UVFkRTJVNndUVXdNYmREUTJGZ01NTHRTK1Z6NzdkWGp3UlpNT29SSFFEMjlWa0FQMkllcnMxNm55dW5KbE0yNnVLbWdMay9SUjdLZXdzV2hGTXplVGVjZnZhL2ViTnJ3VG1XWDljUDlCbnYvNkx3M1kvdE0xYnd6VktnQU4yZlhLOWc0ZTZqQUlxaWR5bys0anBwTzN3MHN2Mk9LOFF6Y2lzTy94QT09fA&cppv=2

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=NUJNY2lVWjRzYlRYMEdyd1NVZUI%3D&pi=adx&tdc=ash&chain= HTTP 302
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESEPt7DluWSUYRDMoYRe1fKGY&google_cver=1&google_ula=5153224,0 HTTP 302
https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESEPt7DluWSUYRDMoYRe1fKGY&google_cver=1&google_ula=5153224,0

Request Chain 163

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102824&cv=9&fst=1641236102824&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1433146272&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1433146272&resp=GooglemKTybQhCsO&ipr=y

Request Chain 164

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102824&cv=9&fst=1641236102824&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1993595961&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1993595961&resp=GooglemKTybQhCsO&ipr=y

Request Chain 165

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102825&cv=9&fst=1641236102825&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1076512699&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1076512699&resp=GooglemKTybQhCsO&ipr=y

Request Chain 166

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102825&cv=9&fst=1641236102825&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=948460367&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=948460367&resp=GooglemKTybQhCsO&ipr=y

Request Chain 167

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102826&cv=9&fst=1641236102826&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102826&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1353620044&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102826&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1353620044&resp=GooglemKTybQhCsO&ipr=y

Request Chain 171

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987597516/?random=1641236102829&cv=9&fst=1641236102829&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/987597516/?random=1641236102829&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1566748312&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/987597516/?random=1641236102829&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1566748312&resp=GooglemKTybQhCsO&ipr=y

Request Chain 172

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987597516/?random=1641236102830&cv=9&fst=1641236102830&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/987597516/?random=1641236102830&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=654339253&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/987597516/?random=1641236102830&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=654339253&resp=GooglemKTybQhCsO&ipr=y

Request Chain 174

https://sslwidget.criteo.com/event?a=61498&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvp%26p%3DgHnkmg7Xvm&p3=e%3Ddis%26a%3D%255B61498%252C61498%255D&adce=1&bundle=BXLuPV9yaW1TZU5GMUtBRHJTWGZlcXdTQ3N3bGlNZURRRk83MDFQWmI3MU9JYUJ2dWhOM05rRmxIVGFUZGVZdGFMVEZ0UkRPekw4dkF2WEdwNUxvY1dtclZJaWFKcElKRFFUeWtVYklwRWdrRDVNbmMlMkZXJTJCVFB4dDFoMWFYJTJCbFplYlU0MFZObzIlMkI3elNuVXBqSDNWYWo1a29adyUzRCUzRA&tld=globo.com&dy=1&dtycbr=1192 HTTP 302
https://widget.us.criteo.com/event?a=61498&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvp%26p%3DgHnkmg7Xvm&p3=e%3Ddis%26a%3D%255B61498%252C61498%255D&adce=1&bundle=BXLuPV9yaW1TZU5GMUtBRHJTWGZlcXdTQ3N3bGlNZURRRk83MDFQWmI3MU9JYUJ2dWhOM05rRmxIVGFUZGVZdGFMVEZ0UkRPekw4dkF2WEdwNUxvY1dtclZJaWFKcElKRFFUeWtVYklwRWdrRDVNbmMlMkZXJTJCVFB4dDFoMWFYJTJCbFplYlU0MFZObzIlMkI3elNuVXBqSDNWYWo1a29adyUzRCUzRA&tld=globo.com&dy=1&dtycbr=1192

Request Chain 176

https://ad.doubleclick.net/ddm/activity/src=8622355;type=playsig;cat=globo000;u13=Med;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8622355;dc_pre=CI3ZpfeglvUCFRPSGQodbDQCDw;type=playsig;cat=globo000;u13=Med;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8622355;dc_pre=CI3ZpfeglvUCFRPSGQodbDQCDw;type=playsig;cat=globo000;u13=Med;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 179

https://ad.doubleclick.net/ddm/activity/src=8622355;type=playsig;cat=globo000;u13=Basic;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8622355;dc_pre=CPDapfeglvUCFaBFHgIdMWcBJA;type=playsig;cat=globo000;u13=Basic;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8622355;dc_pre=CPDapfeglvUCFaBFHgIdMWcBJA;type=playsig;cat=globo000;u13=Basic;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 233

https://radar.cedexis.com/1/23346/radar.js HTTP 302
https://radar.cedexis.com/1621860284/radar.js

Request Chain 237

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=mwMTiAlD65qpmA0IB5-Oq54AgnDXt56Q

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay13R0ZNV2xldnRtNUE1eWlxZlg2NGtEOS1mbUcxTkFrUE8yUWNIZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 240

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2933844562998605552

Request Chain 244

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-tnhNBFevtm5A5yiqfX64kD9-fmEzRAfJMCh30g HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-tnhNBFevtm5A5yiqfX64kD9-fmEzRAfJMCh30g

Request Chain 247

https://pixel.advertising.com/ups/55945/sync?uid=k-xMaCXlevtm5A5yiqfX64kD9-fmGOc4XM0-vX_Q&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=k-xMaCXlevtm5A5yiqfX64kD9-fmGOc4XM0-vX_Q&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-xMaCXlevtm5A5yiqfX64kD9-fmGOc4XM0-vX_Q&_origin=1&apid=UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c

Request Chain 250

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-U6_KW1evtm5A5yiqfX64kD9-fmELydqvYVuYIA&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-U6_KW1evtm5A5yiqfX64kD9-fmELydqvYVuYIA&expires=30

Request Chain 253

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5pJpd1evtm5A5yiqfX64kD9-fmGx909iPcF_Jg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5pJpd1evtm5A5yiqfX64kD9-fmGx909iPcF_Jg&C=1

Request Chain 254

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg&custom=&tag_format=img&tag_action=sync&custom=&cb=42841710-b069-415c-ab61-8d0ba0e4b653 HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=42841710-b069-415c-ab61-8d0ba0e4b653&final=true&reqid=a9b83970-6cc6-11ec-ba06-bf00fd17b9de&timestamp=2022-01-03T18%3A55%3A04.839Z

Request Chain 255

https://cm.mgid.com/m?cdsp=617660&c=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg HTTP 307
https://cm.mgid.com/m?c=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg&cdsp=617660&sct=1

Request Chain 256

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg

Request Chain 260

https://eb2.3lift.com/xuid?mid=2711&xuid=k-sUSW0levtm5A5yiqfX64kD9-fmFeWUnuf1Uaaw&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-sUSW0levtm5A5yiqfX64kD9-fmFeWUnuf1Uaaw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 264

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=gWCxhunadoiLKDhxlBFCKJB63OLs2rEk

Request Chain 265

https://pixel.advertising.com/ups/55945/sync?uid=k-IgfUqVevtm5A5yiqfX64kD9-fmFkE3HaHjROcA&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-IgfUqVevtm5A5yiqfX64kD9-fmFkE3HaHjROcA&_origin=1&apid=UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c

Request Chain 266

https://pixel.advertising.com/ups/55945/sync?uid=k-k_-YyFevtm5A5yiqfX64kD9-fmFz8iV1KQUM0g&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-k_-YyFevtm5A5yiqfX64kD9-fmFz8iV1KQUM0g&_origin=1&apid=UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c

354 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/ 45 KB
13 KB 1705ms
643ms Document
text/html 131.0.25.109
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.109 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-109.prt.globo.com

Software

nginx /

Resource Hash

e3aeab48b98bffd862e8396f623b16f0d5e7a3d292a42cd527e275e0acce1cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 03 Jan 2022 18:54:52 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding x-tenant-id, x-country-code
etag: W/"b58f-wi6517nYKU7uwYEafNjgRPTsHEI"
cache-control: max-age=300
expires: Mon, 03 Jan 2022 18:59:52 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-country-code: DE
content-encoding: gzip

GET
H2 200 app-vendor-bundle-acb2492.css
s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/ 44 KB
8 KB 908ms
448ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-acb2492.css
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: f283d3c3a2dd4996a0a12186aee8ce70e051aeb70aec4b2954ab471e2b42fa00

Request headers

Referer: https://globoplay.globo.com/
Origin: https://globoplay.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:53 GMT
content-encoding: gzip
x-openstack-request-id: txc26662fcb4c941ffa7f97-0061ce1482
last-modified: Thu, 30 Dec 2021 02:25:03 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
content-type: text/css
access-control-allow-origin: https://globoplay.globo.com
x-timestamp: 1640831102.96864
cache-control: public, max-age=604800
x-trans-id: txc26662fcb4c941ffa7f97-0061ce1482
x-request-id: c574aae0-67d5-4d2a-9a51-2ad05da4716c
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id

GET
H2 200 app-client-bundle-592e21b.css
s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/ 375 KB
75 KB 1136ms
677ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-client-bundle-592e21b.css
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 05eba343e865566b29b9fabe69b10e7f43d9050f3b81156faeb3db1db19f23eb

Request headers

Referer: https://globoplay.globo.com/
Origin: https://globoplay.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:53 GMT
content-encoding: gzip
x-openstack-request-id: tx92b727c3068c4fe1b61bd-0061cd1bc0
last-modified: Thu, 30 Dec 2021 02:25:03 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
content-type: text/css
access-control-allow-origin: https://globoplay.globo.com
x-timestamp: 1640831102.97916
cache-control: public, max-age=604800
x-trans-id: tx92b727c3068c4fe1b61bd-0061cd1bc0
x-request-id: 7096fc26-84f6-44d8-8a0f-fbaab3043552
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id

GET
H2 200 opensans-regular-webfont.woff
s.glbimg.com/gl/ba/fonts/ 23 KB
24 KB 888ms
226ms Font
application/x-font-woff 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/gl/ba/fonts/opensans-regular-webfont.woff

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

696ca6f4eaabe0803032cf9a2ba74328c7df0e1d9379b614091fc252db3965b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://globoplay.globo.com/
Origin: https://globoplay.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:53 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 419166213 ra03 11 16
age: 459189
content-length: 23644
x-xss-protection: 1; mode=block
x-request-id: fea534dd-7575-4a20-8c14-cbcd65709434
last-modified: Fri, 24 Jul 2020 12:45:33 GMT
x-thanos: 0AB1D028
etag: "5f1ad7ed-5c5c"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: https://globoplay.globo.com
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 05 Jan 2022 11:21:43 GMT

GET
H2 200 opensans-light-webfont.woff
s.glbimg.com/gl/ba/fonts/ 20 KB
20 KB 1336ms
674ms Font
application/x-font-woff 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/gl/ba/fonts/opensans-light-webfont.woff

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://globoplay.globo.com/
Origin: https://globoplay.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:53 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 422620098 ra03 11 16
age: 459189
content-length: 20184
x-xss-protection: 1; mode=block
x-request-id: 80a35a7d-181f-4704-82b8-f31565a308c3
last-modified: Fri, 24 Jul 2020 12:45:33 GMT
x-thanos: 0AB1D028
etag: "5f1ad7ed-4ed8"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: https://globoplay.globo.com
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 05 Jan 2022 11:21:43 GMT

GET
H2 200 opensans-semibold-webfont.woff
s.glbimg.com/gl/ba/fonts/ 20 KB
20 KB 1338ms
675ms Font
application/x-font-woff 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/gl/ba/fonts/opensans-semibold-webfont.woff

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

0c02b58c454919d2e837f811f37fc15c05dc3d98600f749e13073862785b7221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://globoplay.globo.com/
Origin: https://globoplay.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:53 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 422251270 ra03 11 16
age: 459189
content-length: 20168
x-xss-protection: 1; mode=block
x-request-id: c6262e8e-d3d9-48e0-9c69-035200eee459
last-modified: Fri, 24 Jul 2020 12:45:33 GMT
x-thanos: 0AB1D028
etag: "5f1ad7ed-4ec8"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: https://globoplay.globo.com
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 05 Jan 2022 11:21:43 GMT

GET
H2 200 opensans-bold-webfont.woff
s.glbimg.com/gl/ba/fonts/ 20 KB
20 KB 1338ms
676ms Font
application/x-font-woff 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/gl/ba/fonts/opensans-bold-webfont.woff

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

26fb987316ffb63b047e97badcaa3254d10e3edf6ba0898d600ef27a233b7808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://globoplay.globo.com/
Origin: https://globoplay.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:53 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 422921234 ra03 11 16
age: 459189
content-length: 20368
x-xss-protection: 1; mode=block
x-request-id: 28f20b87-a014-4417-8925-62c957544dde
last-modified: Fri, 24 Jul 2020 12:45:34 GMT
x-thanos: 0AB1D028
etag: "5f1ad7ee-4f90"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: https://globoplay.globo.com
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 05 Jan 2022 11:21:43 GMT

GET
H2 200 globofutura-bold-webfont.woff
s.glbimg.com/gl/ba/fonts/ 21 KB
21 KB 1338ms
676ms Font
application/x-font-woff 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/gl/ba/fonts/globofutura-bold-webfont.woff

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

375794527d73794164eb9aeebc3c3999fb8bb9b2f5a683fbd1662aa72d842990

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://globoplay.globo.com/
Origin: https://globoplay.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:53 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 419560387 ra03 11 16
age: 459189
content-length: 21184
x-xss-protection: 1; mode=block
x-request-id: 7a5431ef-9402-4e6c-9ff4-3ce2dd742488
last-modified: Thu, 29 Jun 2017 21:08:41 GMT
x-thanos: 0AB1D028
etag: "59556c59-52c0"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: https://globoplay.globo.com
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 05 Jan 2022 11:21:43 GMT

GET
H2 200 globofutura-medium-webfont.woff
s.glbimg.com/gl/ba/fonts/ 21 KB
21 KB 1338ms
676ms Font
application/x-font-woff 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/gl/ba/fonts/globofutura-medium-webfont.woff

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

dd2c7e02518bfa14a9db28ecdd19a6ec91b87468dba35c984a118747efb5f2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://globoplay.globo.com/
Origin: https://globoplay.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:53 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 424025977 ra03 11 16
age: 459189
content-length: 21228
x-xss-protection: 1; mode=block
x-request-id: db0e6ee6-fe54-4a32-a16b-5fddb3b1b7ee
last-modified: Thu, 29 Jun 2017 21:08:41 GMT
x-thanos: 0AB1D028
etag: "59556c59-52ec"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: https://globoplay.globo.com
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 05 Jan 2022 11:21:43 GMT

GET
H2 200 cadun.js Show response
s.glbimg.com/pc/ca/ 14 KB
6 KB 433ms
432ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/cadun.js

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1056060734 ra03 11 04
age: 424794
content-length: 5547
x-xss-protection: 1; mode=block
x-request-id: 9d8ae36f-bc93-4179-b021-52dd0a685064
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB1D00B
etag: W/"6011d1fe-3759"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 05 Jan 2022 20:54:59 GMT

GET
H2 200 api.min.js Show response
p.glbimg.com/api/stable/ 37 KB
14 KB 890ms
226ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.glbimg.com/api/stable/api.min.js

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

97b81651ac630805fe9f93b8a9481cc286ddb6240b3964a647371f01bca28641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1056060733 ra03 11 04
age: 1023
content-length: 13484
x-xss-protection: 1; mode=block
x-request-id: 54c3404d-acea-463a-adb6-f8016d6ef17e
last-modified: Thu, 04 Nov 2021 17:23:50 GMT
x-thanos: 0AB1D00B
etag: W/"61841726-9496"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 03 Jan 2022 19:37:50 GMT

GET
H2 200 app-chunk-manifest-bundle-216eb84.js Show response
s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/ 1 KB
1 KB 682ms
225ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-chunk-manifest-bundle-216eb84.js
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: fa6fd33317a03709705fa8fb0fdfb201274ba09106ff297e820b08da40efc4d7

Request headers

Referer: https://globoplay.globo.com/
Origin: https://globoplay.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:53 GMT
content-encoding: gzip
x-openstack-request-id: txbd3ea29f3b8c490e8b5cc-0061cd1bc0
last-modified: Thu, 30 Dec 2021 02:25:03 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
content-type: application/javascript
access-control-allow-origin: https://globoplay.globo.com
x-timestamp: 1640831102.95618
cache-control: public, max-age=604800
x-trans-id: txbd3ea29f3b8c490e8b5cc-0061cd1bc0
x-request-id: 9fce4590-0450-49d8-83fc-dcd80d6342e0
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id

GET
H2 200 app-vendor-bundle-450de87.js Show response
s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/ 3 MB
1 MB 906ms
449ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 833f981fe94962dbe695050b51928eabaeafc590828dec51709e903d66025424

Request headers

Referer: https://globoplay.globo.com/
Origin: https://globoplay.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:53 GMT
content-encoding: gzip
x-openstack-request-id: tx1c5352567147494eb36c0-0061cd1bc0
last-modified: Thu, 30 Dec 2021 02:25:04 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
content-type: application/javascript
access-control-allow-origin: https://globoplay.globo.com
x-timestamp: 1640831103.00578
cache-control: public, max-age=604800
x-trans-id: tx1c5352567147494eb36c0-0061cd1bc0
x-request-id: 85a3fa1a-d258-4b43-ad1c-54b163970f01
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id

GET
H2 200 app-client-bundle-d60d0e2.js Show response
s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/ 2 MB
636 KB 1130ms
673ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-client-bundle-d60d0e2.js
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 5b402ce25e51c50c186bb5e04967bea2feef934669aa26b67961e9c84b579626

Request headers

Referer: https://globoplay.globo.com/
Origin: https://globoplay.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:53 GMT
content-encoding: gzip
x-openstack-request-id: txe3e402950d264895a8f87-0061cd1bc0
last-modified: Thu, 30 Dec 2021 02:25:03 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
content-type: application/javascript
access-control-allow-origin: https://globoplay.globo.com
x-timestamp: 1640831102.98688
cache-control: public, max-age=604800
x-trans-id: txe3e402950d264895a8f87-0061cd1bc0
x-request-id: 29cdc0b5-6efd-4c88-bf37-2696c551040b
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id

GET
H2 200 2021-1465-malhacao-sonhos-background.jpg
s2.glbimg.com/rL9fuZczAzcpmYVGXZb5gWgwciQ=/0x720/https://s2.glbimg.com/h7-YfmpR6PDzsI5wUetsrkawWro=/i.s3.glbimg.com/v1/AUTH_c3c606ff68e7478091d1ca496f9c5625/internal_photos/bs/2021/X/J/GOYv7BQvaBT5... 142 KB
143 KB 685ms
225ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/rL9fuZczAzcpmYVGXZb5gWgwciQ=/0x720/https://s2.glbimg.com/h7-YfmpR6PDzsI5wUetsrkawWro=/i.s3.glbimg.com/v1/AUTH_c3c606ff68e7478091d1ca496f9c5625/internal_photos/bs/2021/X/J/GOYv7BQvaBT5Cce6gAhw/2021-1465-malhacao-sonhos-background.jpg
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 02541ed37faaf2dab803a3d82e54e67f75c10b0f190cfc3d9dfdc679a66897f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:55 GMT
via: 2.0 CachOS
x-bip: 149871844 ra09 20 16
age: 2317830
etag: "6c2751d6be31edc66072247e1c0a8820a78697fd"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D026
access-control-allow-headers: Content-Type
content-length: 145666
x-request-id: f95f2c53-88a5-405f-8000-f9638cce937a
expires: Thu, 06 Jan 2022 22:29:20 GMT

OPTIONS
H2 204 logged
cocoon.globo.com/v2/user/ Frame 0
0 717ms
242ms Preflight 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 03 Jan 2022 18:54:56 GMT
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods: POST, OPTIONS
access-control-allow-credentials: true
x-request-id: 5fb56bf5-a8fe-4b60-ad4e-1872a17dc22c
x-thanos: 0A8490A2

GET
H2 200 firebase-performance-standalone.js Show response
www.gstatic.com/firebasejs/8.3.1/ 47 KB
15 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-performance-standalone.js

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2be8244dfc815a9aa6990ee186af225a1196a80132282c05fa2df2560bd0e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 11:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14341
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Wed, 28 Dec 2022 11:16:25 GMT

GET
H2 200 login.css
s.glbimg.com/pc/ca/ 846 B
838 B 225ms
225ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/login.css

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1053636647 ra03 11 04
age: 336699
content-length: 431
x-xss-protection: 1; mode=block
x-request-id: 74d4e371-602f-4e27-99a8-34c345bce8c2
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB1D00B
etag: W/"6011d1fe-34e"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 06 Jan 2022 21:23:15 GMT

POST
H2 200 logged Show response
cocoon.globo.com/v2/user/ 187 B
698 B 688ms
230ms XHR
application/json 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash: 75d850c39a04b147f6ef94c0c42f439949f0e999e273026a64d48514d5cdfcfd

Request headers

Referer: https://globoplay.globo.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:56 GMT
content-encoding: gzip
x-thanos: 0A83D0A7
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
p3p: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
x-request-id: 720483ed-85e5-43c2-8620-af1f9bbf4c6c

GET
H2 200 settings.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/ 3 KB
2 KB 882ms
429ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 5f3fd8580efc7dc2d2f26389b814b79b727ea3126f1ea4a6c67c2bcf6e306336

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:56 GMT
content-encoding: gzip
x-openstack-request-id: tx8d70069cc28c4160b1372-0061d34555
last-modified: Tue, 14 Sep 2021 19:33:54 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1631647454.000000
x-timestamp: 1631648033.02489
cache-control: public, max-age=300
content-type: application/javascript
x-trans-id: tx8d70069cc28c4160b1372-0061d34555
x-request-id: f6bc4e76-d673-4440-8604-86db1ece781a

GET
H2 200 selected-alternatives Show response
globo-ab.globo.com/v2/ 294 B
822 B 728ms
235ms Fetch
application/json 131.0.25.90
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://globo-ab.globo.com/v2/selected-alternatives?experiments=player-isolated-experiment-02&skipImpressions=true

Requested by

Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.90 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-90.prt.globo.com

Software

nginx /

Resource Hash

d0bb667f426e06269e13e30b08c619fc3399338d68338db08647fd1772597945

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=300; includeSubDomains
trace-id: 1115c115a57d9514
access-control-allow-headers: user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID

GET
H2 200 player.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/ 2 MB
555 KB 227ms
227ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 9ba2d12a3cb883d8702129edd63bf2d301857050b38228ba8c37fc3bf5eb85f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:54:57 GMT
content-encoding: gzip
x-openstack-request-id: tx100ee69949344792927c8-0061d342cb
last-modified: Tue, 28 Dec 2021 18:14:09 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1640713508.000000
x-timestamp: 1640715248.73143
cache-control: public, max-age=1800
content-type: application/javascript
x-trans-id: tx100ee69949344792927c8-0061d342cb
x-request-id: f19b54fc-bedc-46ac-98cf-f6b3080acb11

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 375 KB
124 KB 525ms
143ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126523
x-xss-protection: 0
expires: Mon, 03 Jan 2022 18:55:00 GMT

GET
H2 200 ima3_dai.js Show response
imasdk.googleapis.com/js/sdkloader/ 438 KB
145 KB 446ms
64ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3_dai.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2492dc6a2a950dc0f5a32f8882037746543f4a87bbc1cd9fd27543ab38064e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148286
x-xss-protection: 0
expires: Mon, 03 Jan 2022 18:55:00 GMT

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 226ms
225ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-client-bundle-d60d0e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1053020728 ra03 11 04
age: 320
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: e905d8d9-13aa-4eef-b795-85f0a1043705
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0AB1D00B
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 03 Jan 2022 19:49:40 GMT

GET
H2 200 utag.js Show response
tags.globo.com/utag/globo/globoplay/prod/ 59 KB
20 KB 820ms
226ms Script
text/plain 186.192.81.62
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.globo.com/utag/globo/globoplay/prod/utag.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-client-bundle-d60d0e2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

186.192.81.62 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-62.prt.globo.com

Software

nginx /

Resource Hash

0c57cab8cd799b53279aa83d3232f280a51d2baeaf45e9f8ce1e23d368ce88c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:01 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 18:17:36 GMT
server: nginx
age: 59
etag: "e46f40fd2bcc381b036a57467e7d41ba:1638814656.25437"
x-bip: 431022575 ra10 01 01
vary: Accept-Encoding
via: 2.0 CachOS
cache-control: max-age=300
mime-version: 1.0
strict-transport-security: max-age=300; includeSubDomains
accept-ranges: bytes
x-thanos: 0AB55002
content-length: 19844

GET
H2 200 selected-alternatives Show response
globo-ab.globo.com/v2/ 2 KB
1 KB 236ms
235ms Fetch
application/json 131.0.25.90
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://globo-ab.globo.com/v2/selected-alternatives?experiments=GLOBOPLAY-SMART-INTERVENTION-HOME,Globoplay-videoexperience-end-video-ciclo-web,GLOBOPLAY-HOME-carrossel,GLOBOPLAY-SELF-CARE-smart-intervention-cancelamento,Globoplay-videoexperience-drawer-ciclo2-web,GLOBOPLAY-LIVE-NOTIFICACOES,globoplay-home-trilho-top10-created09082021,globoplay-home-tapume-trilho-transmissoes-created22072021&skipImpressions=true

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.90 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-90.prt.globo.com

Software

nginx /

Resource Hash

8abf5619d582a07730bbe2ee5eeb6da93514755baa02560cf93b98b822052013

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://globoplay.globo.com/
x-platform-id: web
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
x-device-id: desktop
x-client-version: 3.499.1

Response headers

date: Mon, 03 Jan 2022 18:55:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=300; includeSubDomains
trace-id: 624b389fdaa3fc63
access-control-allow-headers: user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID

POST
H2 200 logged Show response
cocoon.globo.com/v2/user/ 189 B
699 B 231ms
231ms XHR
application/json 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged?servico_id=4654
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash: 06e668e573919155ff7500b99ae38362d113fdb5073aebb65f2f7051c18a20fe

Request headers

Referer: https://globoplay.globo.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:01 GMT
content-encoding: gzip
x-thanos: 0A83D0A7
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
p3p: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
x-request-id: 5df785e6-992b-4cfb-ae35-e63378e91425

OPTIONS
H2 204 selected-alternatives
globo-ab.globo.com/v2/ Frame 0
0 686ms
228ms Preflight
text/plain 131.0.25.90
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.90 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-90.prt.globo.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-client-version,x-device-id,x-platform-id
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 03 Jan 2022 18:55:01 GMT
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-headers: user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
content-type: text/plain charset=UTF-8
content-length: 0

OPTIONS
H2 204 logged
cocoon.globo.com/v2/user/ Frame 0
0 232ms
232ms Preflight 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged?servico_id=4654
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 03 Jan 2022 18:55:01 GMT
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods: POST, OPTIONS
access-control-allow-credentials: true
x-request-id: 86f2e023-6787-46ff-ab08-06179adf0dc2
x-thanos: 0A8490A2

GET
H/1.1 403
Forbidden p.globo-play-eu-notifications
stream.push.globo.com/ev/ 0
442 B 937ms
265ms EventSource
text/plain 131.0.25.59
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://stream.push.globo.com/ev/p.globo-play-eu-notifications

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

131.0.25.59 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-59.prt.globo.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:01 GMT
X-Content-Type-Options: nosniff
Server: nginx
Vary: Origin
Access-Control-Allow-Origin: https://globoplay.globo.com
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0
X-Nginx-PushStream-Explain: Subscriber could not create channels.
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 graphql Show response
jarvis-aws.globo.com/ 2 KB
2 KB 389ms
389ms Fetch
application/json 2600:9000:211e:2a00:8:e35d:8840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jarvis-aws.globo.com/graphql?operationName=getTitleView&variables=%7B%22titleId%22%3A%22gHnkmg7Xvm%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%226082810bf42ab390f6654dcab56402eb6c49d3675d438f09b81fa019842b6d93%22%7D%7D
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2a00:8:e35d:8840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 9934f3f209b188c2a5a5a3025e199ef277ad60cc98a477a279e05f6019c3f982

Request headers

glbuid: undefined
x-tenant-id: globo-play-eu
x-platform-id: web
x-client-version: 3.499.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json
Accept-Language: de-DE,de;q=0.9
accept: */*
Referer: https://globoplay.globo.com/
x-device-id: desktop

Response headers

date: Mon, 03 Jan 2022 18:55:01 GMT
content-encoding: gzip
x-tenant-id: globo-play-eu
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
x-cache-be: MISS
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-request-id: b4dddd8212f38bcdc61456d846816ff5
server: nginx/1.12.2
etag: W/"911-lat8Y0Hz8WTyxxSwDnUGkiFEzu4"
vary: Accept-Encoding,x-tenant-id,x-profile-type
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300, public
access-control-allow-headers: authorization,content-type,x-request-id,x-profile-type,x-client-version,x-device-id,x-platform-id,x-tenant-id,x-user-id,glbuid,x-country-code
x-amz-cf-id: 935nPJTACgIeKq5emaNb5FGRKwC4u77-V8QRBTPfMF5wwVK2yCLz1A==
x-country-code: DE

OPTIONS
H2 200 graphql
jarvis-aws.globo.com/ Frame 0
0 325ms
276ms Preflight
application/octet-stream 2600:9000:211e:2a00:8:e35d:8840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jarvis-aws.globo.com/graphql?operationName=getTitleView&variables=%7B%22titleId%22%3A%22gHnkmg7Xvm%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%226082810bf42ab390f6654dcab56402eb6c49d3675d438f09b81fa019842b6d93%22%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2a00:8:e35d:8840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,glbuid,x-client-version,x-device-id,x-platform-id,x-tenant-id
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/octet-stream
content-length: 0
date: Mon, 03 Jan 2022 18:55:01 GMT
server: nginx/1.12.2
x-request-id: 887c5dae3a44bef302526b0bf9222c0e
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
cache-control: public, max-age=300
access-control-allow-headers: authorization,content-type,x-request-id,x-profile-type,x-client-version,x-device-id,x-platform-id,x-tenant-id,x-user-id,glbuid,x-country-code
vary: x-tenant-id
x-cache: Miss from cloudfront
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: S7DmhrlxI0l5y1cXlDBy1K_24tKzywb0KvGIrL6wGfkngEtb-6q73A==

GET
H2 200 graphql Show response
jarvis-aws.globo.com/ 474 B
902 B 33ms
33ms Fetch
application/json 2600:9000:211e:2a00:8:e35d:8840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jarvis-aws.globo.com/graphql?operationName=getRemoteConfigs&variables=%7B%22scope%22%3A%22general%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22ab62cbaf8cdcb20d7f671069469d0686aa5436fd09420c52b7a46d900042e700%22%7D%7D
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2a00:8:e35d:8840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 883d9b93f2109b42cd6c668f7d3085ffcc7c42bcd99eb246f4ccf7daa20bb517

Request headers

glbuid: undefined
x-tenant-id: globo-play-eu
x-platform-id: web
x-client-version: 3.499.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json
Accept-Language: de-DE,de;q=0.9
accept: */*
Referer: https://globoplay.globo.com/
x-device-id: desktop

Response headers

date: Mon, 03 Jan 2022 18:54:48 GMT
content-encoding: gzip
x-tenant-id: globo-play-eu
age: 13
x-cache: Hit from cloudfront
x-cache-be: EXPIRED
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-request-id: 5631bb117aa39d4570e0a45972d12072
server: nginx/1.12.2
etag: W/"1da-c+XCu1LzscueWiCU4lOLPMge730"
vary: Accept-Encoding,x-tenant-id,x-profile-type
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300, public
x-amz-cf-pop: FRA56-C2
access-control-allow-headers: authorization,content-type,x-request-id,x-profile-type,x-client-version,x-device-id,x-platform-id,x-tenant-id,x-user-id,glbuid,x-country-code
x-amz-cf-id: Etxl9VuNeNoSSXqf-rI5v0r5ZwmoNe7W2hScWtz-Qu4cMPrsdeUOzw==
x-country-code: DE

OPTIONS
H2 200 graphql
jarvis-aws.globo.com/ Frame 0
0 84ms
36ms Preflight
application/octet-stream 2600:9000:211e:2a00:8:e35d:8840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jarvis-aws.globo.com/graphql?operationName=getRemoteConfigs&variables=%7B%22scope%22%3A%22general%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22ab62cbaf8cdcb20d7f671069469d0686aa5436fd09420c52b7a46d900042e700%22%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2a00:8:e35d:8840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,glbuid,x-client-version,x-device-id,x-platform-id,x-tenant-id
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/octet-stream
content-length: 0
date: Mon, 03 Jan 2022 18:51:51 GMT
server: nginx/1.12.2
x-request-id: 451f4b6eabb1a123c4deab52afd82ed6
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
cache-control: public, max-age=300
access-control-allow-headers: authorization,content-type,x-request-id,x-profile-type,x-client-version,x-device-id,x-platform-id,x-tenant-id,x-user-id,glbuid,x-country-code
vary: x-tenant-id
x-cache: Hit from cloudfront
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: LdPlINiNdNL4RjTnQCtpJOowhYCUfAx1cFUCHis0P5AIHB6qcGEbqg==
age: 190

GET
H/1.1 404
Not Found info Show response
security.video.globo.com/affiliates/ 68 B
439 B 1648ms
450ms Fetch
application/json 186.192.90.11
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://security.video.globo.com/affiliates/info
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 186.192.90.11 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-11.prt.globo.com
Software: nginx /
Resource Hash: 3aaf7f55868e7c9edc804114ec30038cfcde40cc89347011527b6a5c36111243

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Runtime: 0.008080
Date: Mon, 03 Jan 2022 18:55:02 GMT
X-HTTP-INTERNAL-STATUS: 404
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://globoplay.globo.com
Connection: keep-alive
Content-Encoding: gzip
X-Request-Id: 8fe47086-47f8-4058-b5dc-f0a4f8bf8227

GET
H2 200 horizon-client-js.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 11 KB
4 KB 226ms
226ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/bu/rt/js/glb-pv-min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:01 GMT
content-encoding: gzip
x-openstack-request-id: txc16ef08d990b43299bcc2-0061d344f5
last-modified: Fri, 13 Nov 2020 17:21:38 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1605288097.88717
cache-control: public, max-age=600
x-trans-id: txc16ef08d990b43299bcc2-0061d344f5
x-request-id: cbe39f2d-21e5-471b-92a0-c6a58c492f5e

GET
H2 200 graphql Show response
jarvis-aws.globo.com/ 241 B
986 B 281ms
281ms Fetch
application/json 2600:9000:211e:2a00:8:e35d:8840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jarvis-aws.globo.com/graphql?operationName=getSubscriptionServiceFaq&variables=%7B%22serviceId%22%3A151%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a748c829c6ca6209b9ee341d9644daf74217f665d549fba17811e6d4bd24ec33%22%7D%7D
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2a00:8:e35d:8840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1921120dce73d0a0c75031bd84d4da7b12bc3bc979a8a23647dee2db8fe97565

Request headers

glbuid: sBu5WHQZwodBmbHMr7LGIS49d3cUmJlAg5X7DN9oqko=
x-tenant-id: globo-play-eu
x-platform-id: web
x-client-version: 3.499.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json
Accept-Language: de-DE,de;q=0.9
accept: */*
Referer: https://globoplay.globo.com/
x-device-id: desktop

Response headers

date: Mon, 03 Jan 2022 18:55:01 GMT
content-encoding: gzip
x-cache-ec2: BYPASS
x-cache: RefreshHit from cloudfront
x-cache-be: MISS
server: nginx/1.12.2
x-tentant-id: globo-play-eu
x-cloudfront-viewer-country: DE
access-control-allow-origin: *
x-request-id: 1dfeca6ebc6034d6963f3bf073edf0d7
x-request-uri: /graphql?operationName=getSubscriptionServiceFaq&variables=%7B%22serviceId%22%3A151%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a748c829c6ca6209b9ee341d9644daf74217f665d549fba17811e6d4bd24ec33%22%7D%7D
etag: W/"f1-zNq3VXWB3i46/lYZuQAqQfU+wzE"
vary: Accept-Encoding,x-tenant-id,x-profile-type
content-type: application/json; charset=utf-8
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=1800, public
x-amz-cf-pop: FRA56-C2
access-control-allow-headers: authorization,content-type,x-request-id,x-profile-type,x-client-version,x-device-id,x-platform-id,x-tenant-id,x-user-id,glbuid,x-country-code
x-amz-cf-id: uzhfDmLX_MSSrVHmz0y0cKnd6tHeIYwtTAbfUzzFUWmkH9Z8N0pHhw==
x-country-code: DE

OPTIONS
H2 200 graphql
jarvis-aws.globo.com/ Frame 0
0 20ms
20ms Preflight
application/octet-stream 2600:9000:211e:2a00:8:e35d:8840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jarvis-aws.globo.com/graphql?operationName=getSubscriptionServiceFaq&variables=%7B%22serviceId%22%3A151%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a748c829c6ca6209b9ee341d9644daf74217f665d549fba17811e6d4bd24ec33%22%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2a00:8:e35d:8840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,glbuid,x-client-version,x-device-id,x-platform-id,x-tenant-id
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/octet-stream
content-length: 0
date: Mon, 03 Jan 2022 18:51:12 GMT
server: nginx/1.12.2
x-request-id: 02903060531cd3a6a7e8427d0c934728
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
cache-control: public, max-age=300
access-control-allow-headers: authorization,content-type,x-request-id,x-profile-type,x-client-version,x-device-id,x-platform-id,x-tenant-id,x-user-id,glbuid,x-country-code
vary: x-tenant-id
x-cache: Hit from cloudfront
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Q32npa1RrUgOE-3MX69qe77RO_IS8FIlqmgz3n4SMe6B5a1R_hDQIQ==
age: 229

GET
H/1.1 200
OK track
horizon.globo.com/auth-session/activity/globoplay/ 0
471 B 1151ms
464ms Image
text/plain 131.0.25.68
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horizon.globo.com/auth-session/activity/globoplay/track?object=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&time=0&clicks=0&scroll=100.00&scrollabs=0&objecttype=&client_version=0.3.11

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.68 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-68.prt.globo.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:02 GMT
Server: nginx
Connection: keep-alive
X-Served-From: hzt-tsuru
Content-Length: 0
Strict-Transport-Security: max-age=60
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK horizon-pageview
horizon.globo.com/auth-session/activity/globoplay/ 0
471 B 1179ms
462ms Image
text/plain 131.0.25.68
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horizon.globo.com/auth-session/activity/globoplay/horizon-pageview?object=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&Referrer=&tags=&client_version=0.3.11

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.68 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-68.prt.globo.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:02 GMT
Server: nginx
Connection: keep-alive
X-Served-From: hzt-tsuru
Content-Length: 0
Strict-Transport-Security: max-age=60
Content-Type: text/plain; charset=UTF-8

GET
H2 200 graphql Show response
jarvis-aws.globo.com/ 252 B
750 B 340ms
340ms Fetch
application/json 2600:9000:211e:2a00:8:e35d:8840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jarvis-aws.globo.com/graphql?operationName=getTitleStructure&variables=%7B%22titleId%22%3A%22gHnkmg7Xvm%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2253908b9cb0296317f6865d42fee2184a59dbe9c6a34c447769e421a4b4ab6e55%22%7D%7D
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2a00:8:e35d:8840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 6f84b6fec074249bfea06b1263c7868e03f6128ed50b20e1b8e08118d163de64

Request headers

glbuid: sBu5WHQZwodBmbHMr7LGIS49d3cUmJlAg5X7DN9oqko=
x-tenant-id: globo-play-eu
x-platform-id: web
x-client-version: 3.499.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json
Accept-Language: de-DE,de;q=0.9
accept: */*
Referer: https://globoplay.globo.com/
x-device-id: desktop

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-tenant-id: globo-play-eu
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
x-cache-be: MISS
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-request-id: afbd4f76d747930710ff833185b9d7ae
server: nginx/1.12.2
etag: W/"fc-jsK4XvDuGnCn2tCWTCOJXz7qaOk"
vary: Accept-Encoding,x-tenant-id,x-profile-type
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300, public
access-control-allow-headers: authorization,content-type,x-request-id,x-profile-type,x-client-version,x-device-id,x-platform-id,x-tenant-id,x-user-id,glbuid,x-country-code
x-amz-cf-id: IUaCr5ZPOr7-xmTWod7j2BB1ir1EOYuDP08csT-lAxtYlmem2DAA0A==
x-country-code: DE

OPTIONS
H2 200 graphql
jarvis-aws.globo.com/ Frame 0
0 259ms
258ms Preflight
application/octet-stream 2600:9000:211e:2a00:8:e35d:8840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jarvis-aws.globo.com/graphql?operationName=getTitleStructure&variables=%7B%22titleId%22%3A%22gHnkmg7Xvm%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2253908b9cb0296317f6865d42fee2184a59dbe9c6a34c447769e421a4b4ab6e55%22%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2a00:8:e35d:8840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,glbuid,x-client-version,x-device-id,x-platform-id,x-tenant-id
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/octet-stream
content-length: 0
date: Mon, 03 Jan 2022 18:55:01 GMT
server: nginx/1.12.2
x-request-id: b978215b85fcd839a7023182d4ac13df
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
cache-control: public, max-age=300
access-control-allow-headers: authorization,content-type,x-request-id,x-profile-type,x-client-version,x-device-id,x-platform-id,x-tenant-id,x-user-id,glbuid,x-country-code
vary: x-tenant-id
x-cache: Miss from cloudfront
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: pAOIroTgqMPiEnw0x69Ic0BAcU5dhTVJFxdcefEdLwYy8bCp73uvdw==

GET
H2 200 truCookieConsent-9.6.min.js Show response
tcc.cdn-trunomi.com/9/ 298 KB
79 KB 77ms
30ms Script
application/javascript 2606:4700:3035::ac43:9e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tcc.cdn-trunomi.com/9/truCookieConsent-9.6.min.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-client-bundle-d60d0e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296d3bf25accfb8a4d34852f1d2e3aaf5f8545c9d8b77fd3a47ac9362fc23c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336530
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 27 Sep 2021 07:25:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4a660-5ccf501a09b75-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3%2Bel7%2BL%2B7ItRh%2Bs9WAMoJlTKUUWopp%2FpIQbm9tCzZIqAq9eeVIFBwvILiZwPspAQPPcDsTWXC1yn3DTjTvkqJuMNy1YMfWCyIhRwde6JmqVycWW8OpG6zhgxUjJxs3cqcApE4GliPlFcnt0eKfiLkyn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=604800
cf-ray: 6c7e70654f735bf1-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 06 Jan 2022 21:26:11 GMT

GET
H2 200 v Show response
tcc-apikeys.cdn-trunomi.com/c/ 264 B
1001 B 463ms
422ms XHR
application/json 2606:4700:3035::ac43:9e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tcc-apikeys.cdn-trunomi.com/c/v?d=globoplay.globo.com&p=truCookieConsent&v=9&k=bdee2c8a2f5c4990cb9f8e3b2abf62b04b5d3046&format=json

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c936d4d69fc5dcd046f6e9204de3aa5932613fdca4609377b7d8b8656b384bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept: application/json, text/plain, */*
Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-apikeys: miss
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cN8yKDo8TyDec62%2BWeaxSwTxdo8yMm0aQRn04XiiTrImARmb6XJuKqM2eV2omfERURkfIfkr3mDfZ6Dt61BpVXriUxPdm2eA8ymCGlxft%2Fd0in%2Bje5%2FfYRXAfnYhmCvV2QncPyuQn1XitEx8IyoJsJPUvmWnMRElKA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=7200, private
cf-ray: 6c7e7065fbc65b92-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Mon, 03 Jan 2022 20:55:02 GMT

GET
H2 200 tm13574.js Show response
tag.navdmp.com/ 17 KB
6 KB 67ms
24ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13574.js
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:45:04 GMT
server: cloudflare
age: 132
etag: W/"6137b330-4291"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6c7e7065fe4d42e7-FRA
content-type: application/javascript
expires: Mon, 03 Jan 2022 19:52:50 GMT

GET
H2 200 AGSKWxXh_Q-F8xwQI7SfcAhUW1ok8hgboIWxKct7aw7HEdfmYPA9Qv-lJ75gL3iA8O--zAp_JNGP7NWTTguumROQ Show response
fundingchoicesmessages.google.com/f/ 79 KB
29 KB 150ms
66ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXh_Q-F8xwQI7SfcAhUW1ok8hgboIWxKct7aw7HEdfmYPA9Qv-lJ75gL3iA8O--zAp_JNGP7NWTTguumROQ

Requested by

Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48f21b86846d2ddf7860b4d02929ef826326bfc6ed851edb9f9a302be7d4cc9e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g/kpBlPojqEgQm7TqWOcuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-g/kpBlPojqEgQm7TqWOcuA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-g/kpBlPojqEgQm7TqWOcuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-g/kpBlPojqEgQm7TqWOcuA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 horizon-common-hit.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 41 KB
14 KB 226ms
226ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: fb4c391be2dd9e927d16789bebea68314f10f75383bc4a7b920e8addfdf3e44c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-openstack-request-id: txe9b479d2ff4f4c77af54e-0061d2346d
last-modified: Wed, 22 Dec 2021 23:24:10 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1640215449.32111
cache-control: max-age=86400
x-trans-id: txe9b479d2ff4f4c77af54e-0061d2346d
x-request-id: 63bb251b-29b8-451a-a64a-0e8cdd0c5b0d

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 226ms
226ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=ut4.46.201810232145

Requested by

Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1053848497 ra03 11 04
age: 321
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: 0bebffaa-4718-4500-92bb-5a4eb20680a8
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0AB1D00B
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 03 Jan 2022 19:49:40 GMT

GET
H2 200 / Show response
usergate.globo.com/ 31 B
359 B 707ms
234ms XHR
text/plain 201.7.182.142
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://usergate.globo.com/

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.182.142 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

nginx /

Resource Hash

a6b377baaf9632d50fc94294dbaf90b299549891a17a9b1fac816fe000ec9353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 200 usr Show response
usr.navdmp.com/ 76 B
287 B 180ms
160ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a80b47af8f7996c443a6a5e9d17e1ee3c2cdd55dd6a902177c497d153fa6987b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c7e70664f5b42e7-FRA
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Mon, 03 Jan 2022 19:55:02 GMT

GET
H2 200 AGSKWxV5OlKSaLgyo8cf1X2-zpRzjftGF1HRrTi6D_U6EzzJfEw7_-l6sfmaSRosZunKbQBZdnl6cBTkT33Sjqa7 Show response
fundingchoicesmessages.google.com/f/ 61 KB
23 KB 125ms
124ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV5OlKSaLgyo8cf1X2-zpRzjftGF1HRrTi6D_U6EzzJfEw7_-l6sfmaSRosZunKbQBZdnl6cBTkT33Sjqa7?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQxMjM2MTAyLDI1MzAwMDAwMF0sIjk5MzkwOTg3LUZCNzQtNDJFQy05QTk0LTNBNDNGMDUxNUIxNCIsIjlGMDJDNTg3LTE2REItNDVBOC04QjFDLTkzNDlBNEY1Qzg4MiIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLHRydWUsdHJ1ZV0sImh0dHBzOi8vZ2xvYm9wbGF5Lmdsb2JvLmNvbS9tYWxoYWNhby1zb25ob3MvdC9nSG5rbWc3WHZtLyIsbnVsbCxbXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.KLc8KbJV95Q.es5.O/d=1/rs=AJlcJMwJqmdDiwK4nS6at5D4r4_xZPDaSg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b023562418fb4e4e756a7ef8a19a501cc94c2d06283798b9630c6fa7e1076be

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-flvaWG9nA4/ljwGgkEFdQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-flvaWG9nA4/ljwGgkEFdQw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-flvaWG9nA4/ljwGgkEFdQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-flvaWG9nA4/ljwGgkEFdQw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tv4.min.js Show response
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 28 KB
10 KB 226ms
226ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-openstack-request-id: txd75a01d6afad43e08c2a8-0061799dec
last-modified: Fri, 25 May 2018 14:11:50 GMT
x-thanos: 0AB54006
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1527257509.32548
cache-control: public, max-age=31536000
x-trans-id: txd75a01d6afad43e08c2a8-0061799dec
x-request-id: 6df142f4-e8d2-4be7-825a-e14098610d7e

GET
H2 200 utag.43.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 33 KB
8 KB 35ms
14ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.43.js?utv=ut4.46.202108171844
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ea7b051ce6894ed440c7f39370387ba025723db626f064db01feb758ad8d7674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:34 GMT
server: AkamaiNetStorage
etag: "df14306fa13f341814d3707d25351d6b:1633659754.493845"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 8222
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.86.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 10 KB
3 KB 33ms
12ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.86.js?utv=ut4.46.202005051920
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4b496b28a3d5340b085748f83b37490779ed2e16362f017bcea4aa4d394a0b31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:22 GMT
server: AkamaiNetStorage
etag: "721f819b9342611b5f061688097b6010:1633659742.86523"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3233
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.90.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 2 KB
1 KB 34ms
14ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.90.js?utv=ut4.46.201810232145
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d39dde5b60f6bb482765f430c3265ed117b2769dcc8f6971d2f0cc37fdf6965

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:22 GMT
server: AkamaiNetStorage
etag: "564bce74d8a8fd73e00fad50d81ddf57:1633659742.536305"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 902
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.100.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 1 KB
1023 B 37ms
17ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.100.js?utv=ut4.46.201902271841
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bf45935e01e4a5d30b325671ed91e559c67e8dff34babe304f2622c732005691

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:32 GMT
server: AkamaiNetStorage
etag: "af0b3c5ab8b99fe7cdcb91bc5730a495:1633659752.683801"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 793
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.128.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 2 KB
1 KB 40ms
20ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.128.js?utv=ut4.46.201907031711
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d10cc8560b7e4cfe84a53b01f7932d74dcbb5f3a4e55b37a19d6efc7ae88755f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:30 GMT
server: AkamaiNetStorage
etag: "3a925869cc45ed8296b60ee6c00078af:1633659750.647336"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 969
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.106.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 4 KB
2 KB 44ms
24ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.106.js?utv=ut4.46.201904041725
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a13eb934d50320de5a924cc5c6a726f5bd70643eb5e8b8e1ad5664311b07a519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:30 GMT
server: AkamaiNetStorage
etag: "208b674f954d59f28e92b11d44691cb3:1633659750.989881"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1583
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.149.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 1 KB
925 B 13ms
11ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.149.js?utv=ut4.46.202102191915
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 99cb06f5ecceaae0f0c584118ade797bfbc8d648666fbd2fa4cc455486d2da69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:23 GMT
server: AkamaiNetStorage
etag: "e52d61eaf8ce7d860f287aeb7874da24:1633659743.212853"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 696
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.158.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 1 KB
1023 B 15ms
13ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.158.js?utv=ut4.46.202102171923
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 164aece9f6fab01c53570306d1a35687e476310cdd9a9a3bbfaa387f513419a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:33 GMT
server: AkamaiNetStorage
etag: "6ad0e16ca641472c6b7b6af22a61fe3e:1633659753.731331"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 794
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.159.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 2 KB
1 KB 18ms
16ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.159.js?utv=ut4.46.202011092130
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e9e6a37a6460dfc2e41c57da11e6858364b01993866a6c06de0be4022934bcb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:23 GMT
server: AkamaiNetStorage
etag: "85fb41cbb3b7e756ca52d8652235ca4f:1633659743.907462"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 874
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.160.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 4 KB
2 KB 23ms
21ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.160.js?utv=ut4.46.202104071247
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1d2edf4fb9c6ae046fe3e069d4801f1a092aa26a8a58110b01638450fb97bf8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:26 GMT
server: AkamaiNetStorage
etag: "31f0c3ef0ec84db9e6d2642f55693bf4:1633659746.541231"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1680
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.163.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 3 KB
1 KB 25ms
23ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.163.js?utv=ut4.46.202106281402
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cc095fa6b3a5b73c34ab5b62f5c88a500af4745e56a92fc7d97dfe52931babe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:21 GMT
server: AkamaiNetStorage
etag: "5c9fcccfe1ab4404dde52b16e2afc382:1633659741.85192"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1173
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.168.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 7 KB
3 KB 29ms
27ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.168.js?utv=ut4.46.202102011857
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 13caffd464ea5bd21bae6e99dce436e60420f17bbb8f2c846309ffa32bc64d3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:20 GMT
server: AkamaiNetStorage
etag: "056a918022b12c6a3832440b00609c0f:1633659740.845414"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2655
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.169.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 7 KB
3 KB 31ms
29ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.169.js?utv=ut4.46.202101291922
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b5fe294cb1a1feb486065b01477c636688ca9373d462c35b9f97727e8dce2998

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:32 GMT
server: AkamaiNetStorage
etag: "e04dd51463717dbbfa0ddf1ea612dad8:1633659752.351698"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2840
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.178.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 11 KB
4 KB 33ms
31ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.178.js?utv=ut4.46.202106091236
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4af66d9913a3cf33c80d6b98515342cf76b65a5568f5912e841d6604f6ee4d1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:24 GMT
server: AkamaiNetStorage
etag: "692b836bdbef983cc24845a66c331ab4:1633659744.964147"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3685
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.183.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 11 KB
4 KB 35ms
33ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.183.js?utv=ut4.46.202106081332
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 73da9ffb09e151f91f85b93c73ab6288cb3e54c56000423cdb8ba9159fc08d33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:32 GMT
server: AkamaiNetStorage
etag: "4cee61aff2a840e45e6eaaf936e63020:1633659753.028231"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3516
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.201.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 3 KB
2 KB 37ms
35ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.201.js?utv=ut4.46.202107291521
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ac0db2d1661d9cf7e3cfe9ba7a3a328949f403884112dbb223f854dbc3d5114a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:29 GMT
server: AkamaiNetStorage
etag: "95984f3853a821ca8aa91d5e301c18fc:1633659749.95459"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1482
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.204.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 1 KB
1023 B 39ms
37ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.204.js?utv=ut4.46.202112031957
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dd44fdc011930b48da2034dec6604ccb2a9bf034b5943fe12c4656b20c388630

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 02:22:28 GMT
server: AkamaiNetStorage
etag: "0d233fc857ed8fd588b100633b3b2d74:1633659748.895842"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 793
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.219.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 8 KB
3 KB 42ms
39ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.219.js?utv=ut4.46.202112031613
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f53d84c8bb25769a98c7c703ddad95e1f108f7f3008364bcabeac0fd54481c30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 18:19:41 GMT
server: AkamaiNetStorage
etag: "dbd7f47694a5464f418e691feb6d2df7:1636049981.549092"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2879
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 utag.223.js Show response
tags.tiqcdn.com/utag/globo/globoplay/prod/ 8 KB
3 KB 43ms
41ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.223.js?utv=ut4.46.202112031613
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5c1c12b8647314712840b8fe12c46f7172aa733da0c3b148eb805f8df36c7771

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 18:19:43 GMT
server: AkamaiNetStorage
etag: "752b0fcfa1a9ae0ad1fcfb0a39b28ce2:1636049983.15801"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3076
expires: Tue, 18 Jan 2022 18:55:02 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
78 B 151ms
142ms Script
application/x-javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=ffbcb700f30fdc64919d68edc09&acc=13574&url=https%3A//globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/&tit=Assistir%20online%20no%20Globoplay&h1=Malha%E7%E3o%20Sonhos
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6c7e70676a4842e7-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ 0
337 B 94ms
26ms Script
text/plain 52.19.142.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=ffbcb700f30fdc64919d68edc09
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.142.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1641236102
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 8ms
7ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=globo/globoplay/202112061817&cb=1641236102368
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Mon, 03 Jan 2022 19:05:02 GMT

GET
H2 200 / Show response
usergate.globo.com/ 31 B
359 B 417ms
234ms XHR
text/plain 201.7.182.142
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://usergate.globo.com/

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.182.142 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

nginx /

Resource Hash

a6b377baaf9632d50fc94294dbaf90b299549891a17a9b1fac816fe000ec9353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4808
date: Mon, 03 Jan 2022 17:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 03 Jan 2022 19:34:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: jmmt3LbMJ5CEbyp8jOvq+dIGXetSbVcD2h+qwuDbemIG9rXx/tatGyDCrsKstSguNc3Kodtrj08c5fpoWh0OOQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 03 Jan 2022 18:55:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tracking.js Show response
app.shoptarget.com.br/js/ 20 KB
7 KB 43ms
7ms Script
application/javascript 13.32.27.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.shoptarget.com.br/js/tracking.js
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-16.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86e467735c7c594f72fa0a2adccb89a36590f601446fdbf1de3f0aead46c7b43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: CzK.wXZAzki8t7nWZWFv0B8JJD_MQ.pS
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 13:43:00 GMT
server: AmazonS3
age: 879
etag: W/"3a7b70eb7bc47fffe80267fbaef15990"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)
cache-control: max-age=900,s-maxage=900
date: Mon, 03 Jan 2022 18:40:23 GMT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: WOedwHwHLe-KR2Wh-9UTUusvLPDZSGHjqBemkL8TtYL5bRq5sRsHVQ==

GET
H2 200 / Show response
usergate.globo.com/ 31 B
359 B 414ms
236ms XHR
text/plain 201.7.182.142
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://usergate.globo.com/

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.182.142 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

nginx /

Resource Hash

a6b377baaf9632d50fc94294dbaf90b299549891a17a9b1fac816fe000ec9353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 138ms
52ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-952156414

Requested by

Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3398e22245f8d8b8931adcd6eff226ffbe5599b6e025490b2877ae52a335282c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39579
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Jan 2022 18:55:02 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 119 KB
36 KB 160ms
124ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NM1IDO3VNUQLVLF980&lib=ttq
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 731d2de2bbddc41a1bc026863710d597156cec734905604383a9971ccca3e991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id: 60c7248c.1087ae4b
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a96-6-42-60.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1641236102470813
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 114,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=113, origin; dur=4, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 202201031855020101130060690542F253
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,96.6.42.60
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbac8325810d9f70b61dc5df70544f1ab13de7b20cdac4c19b12579bf25726e1371f25154f53cc0c0eaa67b2ca2acbbdf42a5c201ebdd15d1be299c10d614c84bb622986cf07eaea527d3fc57cf8c5e5fc20155e34716dabdadbc8b325cbc6dcde3
expires: Mon, 03 Jan 2022 18:55:02 GMT

GET
H2

200

tags Show response
us.creativecdn.com/ Frame 4C6D
Redirect Chain

https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F...
https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F...

244 B
554 B

97ms
97ms

Document
text/html

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&sr=&ts=1641236102381&tc=1
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: be59f5c62509502400a70ae10d6ed561b14de1db21ed9a5916c66f74cf8689f5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT Mon, 03 Jan 2022 18:55:02 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin, Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-length: 196

Redirect headers

date: Mon, 03 Jan 2022 18:55:02 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&sr=&ts=1641236102381&tc=1
content-length: 0

GET
H3

200

activityi;dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349 Show response
8622355.fls.doubleclick.net/ Frame 69C8
Redirect Chain

https://8622355.fls.doubleclick.net/activityi;src=8622355;type=play;cat=allpages;ord=489684455190.349?
https://8622355.fls.doubleclick.net/activityi;dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349?

439 B
366 B

102ms
55ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8622355.fls.doubleclick.net/activityi;dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349?

Requested by

Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

4b156cd22fb86aeb9fc1983163fee0dd2e265dbd958b1ff38a571ab4732318d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jan 2022 18:55:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 341
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jan 2022 18:55:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8622355.fls.doubleclick.net/activityi;dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rrpdr7kps.js Show response
cdn.krxd.net/controltag/ 64 KB
18 KB 37ms
7ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/rrpdr7kps.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.149.js?utv=ut4.46.202102191915
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e68234c6007e438bf8cd985e03f7dd144bb17eb16968f86c1ce0645fea82abc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Mon, 03 Jan 2022 18:55:02 GMT
via: 1.1 varnish, 1.1 varnish
age: 924
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 17965
x-served-by: config-service-a001-ash-prod.krxd.net, cache-iad-kiad7000097-IAD, cache-hhn4069-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1641236102.417732,VS0,VE1
etag: "11e1c12fe3330194e4aaff0c7deed60a812dfbf6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 Fixel.min.js Show response
script.fixel.ai/script/compressed/ 20 KB
7 KB 64ms
24ms Script
application/javascript 2600:9000:2057:600:1a:6635:8d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.fixel.ai/script/compressed/Fixel.min.js
Requested by: Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:600:1a:6635:8d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45b52cc7cdb901e5e1ddc82198b567717ea6da0b50c6d84aa07d0b54e49a2795

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 1kTPIiEwTCSFhZmUGsiCrVMEt5XnfblO
content-encoding: gzip
etag: W/"4d440e8fefe55ca847d4d589128b912f"
last-modified: Mon, 22 Feb 2021 09:57:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
date: Mon, 03 Jan 2022 18:55:02 GMT
x-amz-cf-id: WUsmVCzhrMqEA5lW8UnWNUbtzO8JFTHcsDiA3Cn_BtLKhB_qnksvHg==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 522 B
633 B 58ms
17ms Script
application/javascript 178.250.0.147
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=61498

Requested by

Host: tags.globo.com
URL: https://tags.globo.com/utag/globo/globoplay/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.147 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

412779865ecbbc7e94cf73e45fa097bdb66da1a3e3c714f25efe1eedb2979ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2

200

tags Show response
us.creativecdn.com/ Frame 4DF8
Redirect Chain

https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT_offer_gHnkmg7Xvm&id=pr_1zSyBx00pXTGj9bZFsVT_custom_usergroup_desconhecido&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&...
https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT_offer_gHnkmg7Xvm&id=pr_1zSyBx00pXTGj9bZFsVT_custom_usergroup_desconhecido&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&...

127 B
494 B

306ms
306ms

Document
text/html

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT_offer_gHnkmg7Xvm&id=pr_1zSyBx00pXTGj9bZFsVT_custom_usergroup_desconhecido&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&sr=&ts=1641236102385&tc=1
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/globoplay/prod/utag.201.js?utv=ut4.46.202107291521
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: af318ee8e0c68dd67e34b882ad76aabc020d6f1d4f1b9da8c62f40887278c1bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT Mon, 03 Jan 2022 18:55:02 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin, Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-length: 136

Redirect headers

date: Mon, 03 Jan 2022 18:55:02 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT_offer_gHnkmg7Xvm&id=pr_1zSyBx00pXTGj9bZFsVT_custom_usergroup_desconhecido&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&sr=&ts=1641236102385&tc=1
content-length: 0

GET
H2 200 / Show response
usergate.globo.com/ 31 B
359 B 399ms
233ms XHR
text/plain 201.7.182.142
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://usergate.globo.com/

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.182.142 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

nginx /

Resource Hash

a6b377baaf9632d50fc94294dbaf90b299549891a17a9b1fac816fe000ec9353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 200 / Show response
usergate.globo.com/ 31 B
359 B 398ms
235ms XHR
text/plain 201.7.182.142
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://usergate.globo.com/

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.182.142 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

nginx /

Resource Hash

a6b377baaf9632d50fc94294dbaf90b299549891a17a9b1fac816fe000ec9353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 200 / Show response
usergate.globo.com/ 31 B
359 B 396ms
235ms XHR
text/plain 201.7.182.142
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://usergate.globo.com/

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.182.142 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

nginx /

Resource Hash

a6b377baaf9632d50fc94294dbaf90b299549891a17a9b1fac816fe000ec9353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2

200

img
cdn.navdmp.com/
Redirect Chain

https://cdn.navdmp.com/cus?acc=13574&cus=197685&img=1
https://cdn.navdmp.com/img?acc=13574&cus=197685&img=1

43 B
130 B

171ms
171ms

Image
image/gif

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.navdmp.com/img?acc=13574&cus=197685&img=1
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 6c7e7068fe2042e7-FRA
content-length: 43

Redirect headers

date: Mon, 03 Jan 2022 18:55:02 GMT
cf-cache-status: DYNAMIC
last-modified: Monday, 03-Jan-2022 18:55:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
location: https://cdn.navdmp.com/img?acc=13574&cus=197685&img=1
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
act: f0
cf-ray: 6c7e7067fbc142e7-FRA

GET
H2 200 activity;xsp=4467268;ord=1;num=5795896098784.834
pubads.g.doubleclick.net/ 42 B
635 B 167ms
76ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4467268;ord=1;num=5795896098784.834?

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DFPAudiencePixel;ord=1025317324838.9236;dc_seg=767380089
pubads.g.doubleclick.net/activity;dc_iu=/95377733/ 42 B
209 B 163ms
76ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/95377733/DFPAudiencePixel;ord=1025317324838.9236;dc_seg=767380089?

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4803 Show response
app.shoptarget.com.br/impulse_api/is_impulse/ 20 B
399 B 27ms
11ms XHR
application/json 13.32.27.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.shoptarget.com.br/impulse_api/is_impulse/4803
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-16.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b67faff28a680adf93595eb3cf8e9fdd22a8959744e863354ae393f7c72f1ea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:50:28 GMT
content-encoding: gzip
server: nginx
age: 274
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 0nF0bnfHdu1gcW67HjXXlAtVjvbjyZ9WjTHoKJ3bvakY1P66ea0MQw==
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 467226423720066 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/467226423720066?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48be3c82e2e8de345942c26246012d418cb05d91f952524f740de47001dcab1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89366
x-xss-protection: 0
pragma: public
x-fb-debug: aiNDXKfkLloEgZyNoMeLg2kBvhB0+TO+Vihschvs1Xkf50+8+GaAkWEwcxVE8u+DkL4atJQJml4nsd5lYo/VIw==
x-frame-options: DENY
date: Mon, 03 Jan 2022 18:55:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 7ms
7ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/rrpdr7kps.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
age: 3008025
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 6166797
content-length: 84509
x-served-by: cache-hhn4069-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1641236102.443767,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 FXL-111-1159.json Show response
script.fixel.ai/config/ 150 B
600 B 11ms
11ms XHR
application/json 2600:9000:2057:600:1a:6635:8d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.fixel.ai/config/FXL-111-1159.json
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:600:1a:6635:8d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3eb72909a45baf51b0e985aa1abbf161cc3a12ed78ec060001fee207c9c50319

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

x-amz-version-id: eMz.koGPU6LODheAJ3T2q2AGS23poLNy
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
etag: "53ba06e63a9b6c559481c356e07a9482"
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 150
last-modified: Tue, 17 Nov 2020 15:21:22 GMT
server: AmazonS3
date: Mon, 03 Jan 2022 18:55:02 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 5e0W25XC5W4dv209EqvgWfClFHFnf6zW7-nymbdlWLK0OFDRHfcEdQ==

OPTIONS
H2 200 FXL-111-1159.json
script.fixel.ai/config/ Frame 0
0 25ms
9ms Preflight 2600:9000:2057:600:1a:6635:8d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.fixel.ai/config/FXL-111-1159.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:600:1a:6635:8d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Mon, 03 Jan 2022 18:47:05 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 3YXF7re_EjM439mjQYV-3aRZDymQo-P88mIpw0GkLlTItiNLNWV9Qw==
age: 478

GET
H2 200 graphql Show response
jarvis-aws.globo.com/ 453 B
1 KB 21ms
20ms Fetch
application/json 2600:9000:211e:2a00:8:e35d:8840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jarvis-aws.globo.com/graphql?operationName=getRemoteConfigs&variables=%7B%22scope%22%3A%22bbb%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22ab62cbaf8cdcb20d7f671069469d0686aa5436fd09420c52b7a46d900042e700%22%7D%7D
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2a00:8:e35d:8840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: cfb6074cb53a7b9acdaca25cf750495b66c35384c9d76decce443bddad1a54f5

Request headers

glbuid: sBu5WHQZwodBmbHMr7LGIS49d3cUmJlAg5X7DN9oqko=
x-tenant-id: globo-play-eu
x-platform-id: web
x-client-version: 3.499.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json
Accept-Language: de-DE,de;q=0.9
accept: */*
Referer: https://globoplay.globo.com/
x-device-id: desktop

Response headers

date: Mon, 03 Jan 2022 18:53:24 GMT
content-encoding: gzip
age: 98
x-cache: Hit from cloudfront
x-cache-be: MISS
server: nginx/1.12.2
x-tentant-id: globo-play-eu
x-cloudfront-viewer-country: DE
access-control-allow-origin: *
x-request-id: 94697ae4d2b3c9f7f252aab611682737
x-cache-ec2: BYPASS
x-request-uri: /graphql?operationName=getRemoteConfigs&variables=%7B%22scope%22%3A%22bbb%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22ab62cbaf8cdcb20d7f671069469d0686aa5436fd09420c52b7a46d900042e700%22%7D%7D
etag: W/"1c5-wkER6cbCj/bAbW3HRvz3d6E4OL4"
vary: Accept-Encoding,x-tenant-id,x-profile-type
content-type: application/json; charset=utf-8
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA56-C2
access-control-allow-headers: authorization,content-type,x-request-id,x-profile-type,x-client-version,x-device-id,x-platform-id,x-tenant-id,x-user-id,glbuid,x-country-code
x-amz-cf-id: eN1EKESRviVu2LTFrXPV_pm5G3yvlTIMsWqC2OD7M7tE6gEa-Zn9Qg==
x-country-code: DE

OPTIONS
H2 200 graphql
jarvis-aws.globo.com/ Frame 0
0 19ms
19ms Preflight
application/octet-stream 2600:9000:211e:2a00:8:e35d:8840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jarvis-aws.globo.com/graphql?operationName=getRemoteConfigs&variables=%7B%22scope%22%3A%22bbb%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22ab62cbaf8cdcb20d7f671069469d0686aa5436fd09420c52b7a46d900042e700%22%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2a00:8:e35d:8840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,glbuid,x-client-version,x-device-id,x-platform-id,x-tenant-id
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/octet-stream
content-length: 0
date: Mon, 03 Jan 2022 18:53:23 GMT
server: nginx/1.12.2
x-request-id: 9fb83b8709ea483dd8e3ac925ef04df3
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
cache-control: public, max-age=300
access-control-allow-headers: authorization,content-type,x-request-id,x-profile-type,x-client-version,x-device-id,x-platform-id,x-tenant-id,x-user-id,glbuid,x-country-code
vary: x-tenant-id
x-cache: Hit from cloudfront
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: ovrB_0wWT4vI1rHXVAp7UvkYDL2c-mJP4J_QLL4W8DIWPfcSiov-Og==
age: 98

GET
H2 200 graphql Show response
jarvis-aws.globo.com/ 12 KB
4 KB 387ms
387ms Fetch
application/json 2600:9000:211e:2a00:8:e35d:8840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jarvis-aws.globo.com/graphql?operationName=getEpisodes&variables=%7B%22titleId%22%3A%22gHnkmg7Xvm%22%2C%22page%22%3A1%2C%22perPage%22%3A14%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22ff402dbbc24cd71c60a3e6a1a68576bce7c037521d1321eb5a25cbaf2d694a24%22%7D%7D
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2a00:8:e35d:8840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e25647f123b16e24dcb2aea5bb1d2d3a00f0b6c84c70a2e1c5101b230f952c99

Request headers

glbuid: sBu5WHQZwodBmbHMr7LGIS49d3cUmJlAg5X7DN9oqko=
x-tenant-id: globo-play-eu
x-platform-id: web
x-client-version: 3.499.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json
Accept-Language: de-DE,de;q=0.9
accept: */*
Referer: https://globoplay.globo.com/
x-device-id: desktop

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
content-encoding: gzip
x-tenant-id: globo-play-eu
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
x-cache-be: MISS
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-request-id: c7573c77762af41869393af13422817a
server: nginx/1.12.2
etag: W/"3030-oonqtsPrZ2WDM7YJfomWeaonU3c"
vary: Accept-Encoding,x-tenant-id,x-profile-type
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300, public
access-control-allow-headers: authorization,content-type,x-request-id,x-profile-type,x-client-version,x-device-id,x-platform-id,x-tenant-id,x-user-id,glbuid,x-country-code
x-amz-cf-id: TnBIjfS5pmGXRDgMi1PL0cY--LEneVRQU3fS1AkIratm2LRcdnUQMg==
x-country-code: DE

OPTIONS
H2 200 graphql
jarvis-aws.globo.com/ Frame 0
0 263ms
263ms Preflight
application/octet-stream 2600:9000:211e:2a00:8:e35d:8840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jarvis-aws.globo.com/graphql?operationName=getEpisodes&variables=%7B%22titleId%22%3A%22gHnkmg7Xvm%22%2C%22page%22%3A1%2C%22perPage%22%3A14%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22ff402dbbc24cd71c60a3e6a1a68576bce7c037521d1321eb5a25cbaf2d694a24%22%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2a00:8:e35d:8840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,glbuid,x-client-version,x-device-id,x-platform-id,x-tenant-id
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/octet-stream
content-length: 0
date: Mon, 03 Jan 2022 18:55:02 GMT
server: nginx/1.12.2
x-request-id: 5f35198ba60105f91dc18dc0d845df90
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
cache-control: public, max-age=300
access-control-allow-headers: authorization,content-type,x-request-id,x-profile-type,x-client-version,x-device-id,x-platform-id,x-tenant-id,x-user-id,glbuid,x-country-code
vary: x-tenant-id
x-cache: Miss from cloudfront
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: YwbK2A-gyo4x7DGznDUsy4TQC113XJ94lpAGh3Vsix2JP3HS77cVDQ==

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 3A23 805 B
826 B 22ms
22ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Mon, 03 Jan 2022 18:55:02 GMT
via: 1.1 varnish
age: 4041251
x-served-by: cache-hhn4069-HHN
x-cache: HIT
x-cache-hits: 1435823
x-timer: S1641236103.503779,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
DATA 200
OK truncated
/ 93 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57e8bec49703909f91f6f1f84a449695c11b7bcdd275751e05febba0b84259ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK FXL-111-1159 Show response
api.fixelapp.com/api/v2/grade/ 61 B
360 B 423ms
108ms XHR
application/json 52.72.241.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fixelapp.com/api/v2/grade/FXL-111-1159
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.241.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-241-250.compute-1.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: c3be1faee4e8af9ddaba49f06c6fa3856a17ee5ae7632f2fafd2d2a5b786146a

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 03 Jan 2022 18:55:02 GMT
Server: nginx/1.18.0
X-Powered-By: Express
ETag: W/"3d-uqK9wj+bcUNgNUyf7w5bYo23rq0"
Access-Control-Allow-Methods: *
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 61

GET
H2 200 fxl-globoplay.js Show response
script.fixel.ai/custom/ 420 B
813 B 12ms
11ms Script
application/javascript 2600:9000:2057:600:1a:6635:8d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.fixel.ai/custom/fxl-globoplay.js
Requested by: Host: script.fixel.ai
URL: https://script.fixel.ai/script/compressed/Fixel.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:600:1a:6635:8d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2bf03df5be311c4cbb6b432906da55a318c37bac325de110342068711f56e95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: ATbYWDhDGGXa9m9n_oVuvY3ZD1k156e3
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
etag: "6b9ac7ce69f9101879a2c5b0a483d6cf"
last-modified: Mon, 23 Nov 2020 16:08:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 03 Jan 2022 18:55:02 GMT
accept-ranges: bytes
content-length: 420
x-amz-cf-id: R9qZAAi3epfp0nBqgtSzdj2UrMiPMrqbTNIZEK4B14ciQDm8zVaUPA==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 57ms
26ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=61498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 12:51:58 GMT
server: nginx
etag: W/"61b8936e-9faf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 04 Jan 2022 18:55:02 GMT

GET
H2 200 reengage_legacy.js Show response
app.shoptarget.com.br/js/ 33 KB
10 KB 8ms
8ms Script
application/javascript 13.32.27.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.shoptarget.com.br/js/reengage_legacy.js
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-16.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2198fd0e079d8eda356ec8adc022a968d282fc4d6d5662059886c1789fa43d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: XKARJ1bLcyiuxDchjkWts71sgKBuCWMU
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 12:05:13 GMT
server: AmazonS3
age: 57287
etag: W/"4fd2dd9d7127325b3b9179c8441c8930"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 03 Jan 2022 03:00:15 GMT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: x8sa6Dy0I6gbtLcchs-XWJZ5RpfJyFhSIRZzP4NKngIzvbjZnGfiyw==

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=PageView&dl=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&rl=&if=false&ts=1641236102538&cd[assinatura]=desconhecido&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1641236102538.1499503137&it=1641236102438&coo=false&tm=1&exp=p0&rqm=GET

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 03 Jan 2022 18:55:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=ViewContent&dl=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&rl=&if=false&ts=1641236102541&cd[assinatura]=desconhecido&cd[id]=gHnkmg7Xvm&cd[title]=malhacao_sonhos&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1641236102538.1499503137&it=1641236102438&coo=false&tm=1&exp=p0&rqm=GET

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 03 Jan 2022 18:55:02 GMT

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 220 B
425 B 65ms
39ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f66b06da404f78ef62e3ccf1d92ce2a1b65953e23cb3f1b2780a216141725cb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a015-dub-prod.krxd.net, cache-hhn4076-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1641236103.583034,VS0,VE33
content-length: 186
x-cache-hits: 0, 0

GET
H2 200 schemas Show response
horizon-schemas.globo.com/ 110 KB
11 KB 942ms
226ms XHR
application/json 186.192.81.117
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-schemas.globo.com/schemas

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.117 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-117.prt.globo.com

Software

Resource Hash

87806397fc82d9734bedb9a9aa8f8ad18da3bb24b687d46b1a1db73de49a2431

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 706549464 ra03 11 14
age: 1499
vary: X-Forwarded-Proto, Accept-Encoding, Origin
content-length: 10705
x-xss-protection: 1; mode=block
x-request-id: d5a21eeb-2023-43f2-9a55-5176958ef0f6
access-control-allow-origin: https://globoplay.globo.com
x-thanos: 0AB1D026
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json; charset=UTF-8
via: 2.0 CachOS
cache-control: max-age=7200, public
accept-ranges: bytes

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-296593-56&cid=146818781.1641236101&jid=1045786689&gjid=1926625182&_gid=390879986.1641236103&_u=YKAAgAABAAAAAE~&z=902010866

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 03 Jan 2022 18:55:02 GMT
content-type: text/plain
access-control-allow-origin: https://globoplay.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 81ms
37ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=50580111&t=pageview&_s=1&dl=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&dp=%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&ul=en-us&de=UTF-8&dt=Assistir%20online%20no%20Globoplay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YKAAgAAB~&jid=1045786689&gjid=1926625182&cid=146818781.1641236101&tid=UA-296593-56&_gid=390879986.1641236103&cd14=3.499.1&cd23=direct&cd94=146818781.1641236101&cd36=desktop&cd52=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F96.0.4664.93%20safari%2F537.36&cd19=desconhecido&cd95=desconhecido&cd1=web&cd28=DE&cd29=globo-play-eu&cd35=padrao&cd2=pagina_de_titulo&z=786786575

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 07:11:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42215
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 80ms
37ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=50580111&t=event&_s=2&dl=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&dp=%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&ul=en-us&de=UTF-8&dt=Assistir%20online%20no%20Globoplay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=metrica_performance&ea=first_paint&el=V1&ev=4034&_u=YKAAgAABAAAAAE~&jid=&gjid=&cid=146818781.1641236101&tid=UA-296593-56&_gid=390879986.1641236103&cd14=3.499.1&cd23=direct&cd94=146818781.1641236101&cd36=desktop&cd52=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F96.0.4664.93%20safari%2F537.36&cd19=desconhecido&cd95=desconhecido&cd1=web&cd28=DE&cd29=globo-play-eu&cd35=padrao&z=875008277

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 07:11:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42215
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 81ms
38ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=50580111&t=event&_s=3&dl=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&dp=%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&ul=en-us&de=UTF-8&dt=Assistir%20online%20no%20Globoplay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=metrica_performance&ea=first_contentful_paint&el=V1&ev=4034&_u=YKAAgAABAAAAAE~&jid=&gjid=&cid=146818781.1641236101&tid=UA-296593-56&_gid=390879986.1641236103&cd14=3.499.1&cd23=direct&cd94=146818781.1641236101&cd36=desktop&cd52=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F96.0.4664.93%20safari%2F537.36&cd19=desconhecido&cd95=desconhecido&cd1=web&cd28=DE&cd29=globo-play-eu&cd35=padrao&z=2074225459

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 07:11:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42215
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 79ms
36ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=50580111&t=event&_s=4&dl=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&dp=%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&ul=en-us&de=UTF-8&dt=Assistir%20online%20no%20Globoplay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=teste_ab&ea=notificacao_logotipo&el=alternativa&_u=YKAAgAABAAAAAE~&jid=&gjid=&cid=146818781.1641236101&tid=UA-296593-56&_gid=390879986.1641236103&cd14=3.499.1&cd23=direct&cd94=146818781.1641236101&cd36=desktop&cd52=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F96.0.4664.93%20safari%2F537.36&cd19=desconhecido&cd95=desconhecido&cd1=web&cd28=DE&cd29=globo-play-eu&cd35=padrao&z=1065461696

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 07:11:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42215
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rrpdr7kps.js Show response
cdn.krxd.net/controltag/ Frame 3A23 64 KB
18 KB 22ms
21ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/rrpdr7kps.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e68234c6007e438bf8cd985e03f7dd144bb17eb16968f86c1ce0645fea82abc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Mon, 03 Jan 2022 18:55:02 GMT
via: 1.1 varnish, 1.1 varnish
age: 924
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 17965
x-served-by: config-service-a001-ash-prod.krxd.net, cache-iad-kiad7000097-IAD, cache-hhn4069-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1641236103.584214,VS0,VE0
etag: "11e1c12fe3330194e4aaff0c7deed60a812dfbf6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 2

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 117ms
117ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NM1IDO3VNUQLVLF980&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id: 60c72e5e.1087afc8
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a96-6-42-60.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1641236102642598
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 107,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=14, inner; dur=7
pragma: no-cache
server: nginx
x-tt-logid: 20220103185502010113135079154373D0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,96.6.42.60
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbac8325810d9f70b61dc5df70544f1ab13de7b20cdac4c19b12579bf25726e137130501db8538a55f16fdb9df03b130200cd25d790910146d3aacbcc4530e51f7f39d15a2244fb2e9563c41b41e5575c9cd8fbc2afdfd5459042183c92b828d6d2
expires: Mon, 03 Jan 2022 18:55:02 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 716 B
1 KB 101ms
101ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C5NM1IDO3VNUQLVLF980&hostname=globoplay.globo.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NM1IDO3VNUQLVLF980&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5d71a7621abca6ef701caf4aa7608b065faf98ec19bb346d0ac2ec79919b1020

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id: 60c6a5f6.1087b022
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a96-6-42-60.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1641236102663814
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 93,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=4, inner; dur=0
content-length: 330
pragma: no-cache
server: nginx
x-tt-logid: 202201031855020101130061140CDF5F34
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,96.6.42.60
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbac8325810d9f70b61dc5df70544f1ab13de7b20cdac4c19b12579bf25726e1371d97baf19e9a02fe4e59346e3588aa1b8389bee17ee2fff9db35aa37ba1147223a25f454367ab3083f5e59b4650a5030a25e2e94a438d5be83dc5ecfbfae97071
expires: Mon, 03 Jan 2022 18:55:02 GMT

GET
H2 200 aHR0cHM6Ly9nbG9ib3BsYXkuZ2xvYm8uY29tL21hbGhhY2FvLXNvbmhvcy90L2dIbmttZzdYdm0v Show response
front.shoptarget.com.br/tr2/spc/4803/ 15 B
511 B 214ms
192ms XHR
text/html 13.32.27.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://front.shoptarget.com.br/tr2/spc/4803/aHR0cHM6Ly9nbG9ib3BsYXkuZ2xvYm8uY29tL21hbGhhY2FvLXNvbmhvcy90L2dIbmttZzdYdm0v
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-16.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: bc180bd9692edebe3332018b085efe69268432fc2e9fc7b5c88d4fad4b5d9504

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-C2
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://globoplay.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, Content-Type, X-Requested-With
x-amz-cf-id: 215tFm7Si9-Rcb5WXnNNdMwBsy1XymUmIjiQRy_cPgREkE3IVK62Rg==
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)

GET
H2 200 get.php Show response
click.retargeter.com.br/ 15 B
355 B 263ms
195ms XHR
application/json 143.204.215.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://click.retargeter.com.br/get.php?i=4803&r=https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-8.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: a7de59dafa959ed051b76f14d7a6695263277ba4c2bbe83ea9b907dd7dc53468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
x-amz-cf-id: y_a32WRxPEypzS0O9sD8zwcbZJSYOHZJQMuZLpRvw72t89dC1k0S1g==
via: 1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront)

GET
H2 200 aHR0cHM6Ly9nbG9ib3BsYXkuZ2xvYm8uY29tL21hbGhhY2FvLXNvbmhvcy90L2dIbmttZzdYdm0v Show response
front.shoptarget.com.br/tr2/cc/4803/ 15 B
511 B 211ms
190ms XHR
text/html 13.32.27.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://front.shoptarget.com.br/tr2/cc/4803/aHR0cHM6Ly9nbG9ib3BsYXkuZ2xvYm8uY29tL21hbGhhY2FvLXNvbmhvcy90L2dIbmttZzdYdm0v
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-16.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: bc180bd9692edebe3332018b085efe69268432fc2e9fc7b5c88d4fad4b5d9504

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-C2
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://globoplay.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, Content-Type, X-Requested-With
x-amz-cf-id: eKBIEt1B4gLvS49mQCMD_22SyoHA_rXfA1VNCzUJWNbqa9FFpaUO7Q==
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)

GET
H2 200 init.js Show response
static.shopback.net/tags/ 65 KB
15 KB 40ms
10ms Script
application/javascript 13.35.253.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shopback.net/tags/init.js
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/reengage_legacy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4730fa8d655d91694377b9b8ed8802c21e4657b2908fb5b7cd3a616990c2c762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 08:15:46 GMT
content-encoding: gzip
last-modified: Mon, 27 Dec 2021 15:12:47 GMT
server: AmazonS3
age: 38357
etag: W/"09f37c7f556747a5426c2f79f75e4eef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: eJlDL69Wv1QgFD_kWcr4rNhWoXoZ7og8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: 2Cqn_f9-YVOrb1yc4fIa6lSsfG4or4Zir6N9lhCywVVZAwQ_gZtTOg==

GET
H2 200 cm.js Show response
poscompra.shopconvert.com.br/js/ 23 KB
8 KB 337ms
103ms Script
application/x-javascript 3.233.108.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://poscompra.shopconvert.com.br/js/cm.js
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/reengage_legacy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.108.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-108-24.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 44cb58f5112d2f6a49b583e75306ad6e657387e003098fa7c62e4fc02fea1699

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 26 Jul 2019 20:30:10 GMT
server: nginx
etag: W/"5d3b62d2-5bbd"
content-type: application/x-javascript

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 152ms
62ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-296593-56&cid=146818781.1641236101&jid=1045786689&_u=YKAAgAABAAAAAE~&z=1966435939

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 151ms
62ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-296593-56&cid=146818781.1641236101&jid=1045786689&_u=YKAAgAABAAAAAE~&z=1966435939

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 161ms
60ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-952156414

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 18:55:02 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 102ms
54ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-987597516&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-952156414

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2dbe8918a242f4190f18d742d1539336fe52b6032e23131c023c29686b0ff7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39604
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Jan 2022 18:55:02 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 3A23 259 KB
83 KB 8ms
8ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/rrpdr7kps.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
age: 3008025
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 6166798
content-length: 84509
x-served-by: cache-hhn4069-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1641236103.668309,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D1D7 9 KB
4 KB 67ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=globoplay.globo.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

133be2ab152b1c9f408e9a597430361539cf3b8255a0a92f8a8a8a885e079702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2069
date: Mon, 03 Jan 2022 18:55:02 GMT
content-length: 4161
strict-transport-security: max-age=31536000; preload;

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349;~oref=https://globoplay.globo.com/ Frame 73F1 438 B
810 B 163ms
75ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349;~oref=https://globoplay.globo.com/

Requested by

Host: 8622355.fls.doubleclick.net
URL: https://8622355.fls.doubleclick.net/activityi;dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f8291d121493b605e6a637a56c0169f006279aaded38455ec06762b72b73c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8622355.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jan 2022 18:55:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 341
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jquery.js Show response
static.shopback.net/tags/ 89 KB
32 KB 8ms
8ms Script
application/javascript 13.35.253.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shopback.net/tags/jquery.js
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/tags/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87b364e56e7716903a95416bbb48e70963911abccc2a7e47f610ff7d0047ce30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: K3EoL_8_hPM3T5KzpnMLAMbTj00fx7mH
content-encoding: gzip
last-modified: Mon, 27 Dec 2021 15:12:47 GMT
server: AmazonS3
age: 51562
etag: W/"08570daf3935f93d502e35d974414bad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
date: Mon, 03 Jan 2022 04:35:41 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: BbTpkJGgv_fX58h0_yAs8tc-EpQwwmlF4vey69AIq_jymAdiAZEEJg==

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ Frame 3A23 220 B
261 B 7ms
7ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f66b06da404f78ef62e3ccf1d92ce2a1b65953e23cb3f1b2780a216141725cb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a015-dub-prod.krxd.net, cache-hhn4076-HHN
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1641236103.710583,VS0,VE0
content-length: 186
x-cache-hits: 0, 1

GET
H2 200 browser Show response
ckies.net/ 153 B
779 B 219ms
202ms Fetch
application/json 13.35.253.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckies.net/browser?source=https%3A%2F%2Fgloboplay.globo.com
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-69.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: deaa68114c08e5ca29f317914c10e84a0d2e665fd8e15307ef85a336b1abd42b

Request headers

Referer: https://globoplay.globo.com/
referer-new: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Authorization, Client-Security-Token, Session, Cookie, Access-Control-Request-Method
x-amz-cf-id: W_odYdDr7t6UkmVtrUwb7AASEUb7Z5jdih7yneBsspHBOQ3vl5r-Vg==
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)

OPTIONS
H2 200 browser
ckies.net/ Frame 0
0 219ms
190ms Preflight
text/html 13.35.253.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckies.net/browser?source=https%3A%2F%2Fgloboplay.globo.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-69.fra6.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,referer-new
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 03 Jan 2022 18:55:02 GMT
server: nginx
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
access-control-allow-headers: content-type,referer-new
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: sZz0pNi2wi6ekke8Gi18akNBlTUzEYXR7LquA5Lst86eTfUCqUtw4Q==

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
706 B 184ms
182ms Ping
application/octet-stream 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NM1IDO3VNUQLVLF980&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2bbead9.1087b13a
date: Mon, 03 Jan 2022 18:55:02 GMT
x-cache-remote: TCP_MISS from a96-6-42-68.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 148,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=136, origin; dur=28, inner; dur=23
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022010318550201011300606905405A84
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 28,96.6.42.68
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbac8325810d9f70b61dc5df70544f1ab13a2042c1dca66351a2b3c726db65346e9ca992d8958fcbf84f0ba5a0f94c50d953ce8563e6cffba8fe1365df4daed16e09969ac81499fa0027fca0a368c7a3259093181513fe93357ea247d0cd4966b02
expires: Mon, 03 Jan 2022 18:55:02 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
705 B 193ms
192ms Ping
application/octet-stream 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NM1IDO3VNUQLVLF980&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 754fea62.1087b13e
date: Mon, 03 Jan 2022 18:55:02 GMT
x-cache-remote: TCP_MISS from a96-6-42-86.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 167,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=156, origin; dur=21, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202201031855020101131352141DC5D474
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 21,96.6.42.86
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbac8325810d9f70b61dc5df70544f1ab13bf6eff9a0d31ae41157a454786f7108bff1e9d24cec8f1eeaa3cf82f6f38c9ab1b6bbb4702b04283e2b344a390a6f8d940c31d5b765d1433c73a4c5305501a3f397152411e4cbce963ea339f35cab509
expires: Mon, 03 Jan 2022 18:55:02 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
708 B 170ms
169ms Ping
application/octet-stream 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NM1IDO3VNUQLVLF980&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a54a3df2.1087b147
date: Mon, 03 Jan 2022 18:55:02 GMT
x-cache-remote: TCP_MISS from a96-6-42-109.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 122,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=121, origin; dur=22, inner; dur=18
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022010318550201011300615327424D4C
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,96.6.42.109
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbac8325810d9f70b61dc5df70544f1ab13965e59ef1878eb331f66b326e816840c5377dab16b2fa659b4c62d082eafc68d06bcf5403051f74ce6306b07bc606b9df550976108ca1e4bea92fa47271e59d29a11080c8943d9c4c8b933591934e0a0
expires: Mon, 03 Jan 2022 18:55:02 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
701 B 182ms
182ms Ping
application/octet-stream 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NM1IDO3VNUQLVLF980&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 56c638b.1087b14d
date: Mon, 03 Jan 2022 18:55:02 GMT
x-cache-remote: TCP_MISS from a96-6-42-6.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 142,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=127, origin; dur=30, inner; dur=11
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202201031855020101131351941042031E
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,96.6.42.6
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbac8325810d9f70b61dc5df70544f1ab13a05824675b3202e802e41713a49cfa027c67eced6eea79e787e748f50fef4e3275e0b303c0531012cb39cd57b2c2cb93ee8b143b7ec0c0c50f9f522ee14dcd7c41adc5faef21afe41041a405b895980e
expires: Mon, 03 Jan 2022 18:55:02 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
706 B 338ms
337ms Ping
application/octet-stream 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NM1IDO3VNUQLVLF980&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3eb2945a.1087b151
date: Mon, 03 Jan 2022 18:55:03 GMT
x-cache-remote: TCP_MISS from a96-6-42-12.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 322,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=276, origin; dur=46, inner; dur=10
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220103185502010113135200264216C6
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 46,96.6.42.12
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbac8325810d9f70b61dc5df70544f1ab13b25a5d5e341191740319d3ec663b6b23341697e49312a1e387351f0d439aa967ff1e793a12c6d9fcfcb55173997811ba9feeadd99198282c117d1c646ec4c1df066c671187ccf0b018e870ffbf55773a
expires: Mon, 03 Jan 2022 18:55:03 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
708 B 339ms
338ms Ping
application/octet-stream 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NM1IDO3VNUQLVLF980&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3eb29363.1087b157
date: Mon, 03 Jan 2022 18:55:03 GMT
x-cache-remote: TCP_MISS from a96-6-42-12.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 322,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=278, origin; dur=44, inner; dur=10
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202201031855020101130060711643DBFF
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 44,96.6.42.12
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbac8325810d9f70b61dc5df70544f1ab13b25a5d5e341191740319d3ec663b6b23e1c86f2460a203a387a3b3198e71c6a1b935f84ed262c4d97efedf4799534af0e80a5c5c6d5e2ca1f0b067eee5d2415134cc91d125e8d6f874743be7fadcb1d1
expires: Mon, 03 Jan 2022 18:55:03 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3A23
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2xIeEFvcUM
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJbgIEQCEqjQzGG4_-joZc0&google_cver=1

0
336 B

27ms
26ms

Image
text/plain

52.19.142.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJbgIEQCEqjQzGG4_-joZc0&google_cver=1
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Server: 52.19.142.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
cache-control: private, no-cache, no-store
x-request-time: D=25 t=1641236103
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJbgIEQCEqjQzGG4_-joZc0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3A23
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2xIeEFvcUM
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIXcS4-gL3NXQnOf9B776Cg&google_cver=1

0
336 B

27ms
27ms

Image
text/plain

52.19.142.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIXcS4-gL3NXQnOf9B776Cg&google_cver=1
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Server: 52.19.142.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1641236102
x-served-by: beacon-n004-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIXcS4-gL3NXQnOf9B776Cg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3A23
Redirect Chain

https://stags.bluekai.com/site/26357?id=OlHxAoqC&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOlHxAoqC%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
https://beacon.krxd.net/usermatch.gif?_kuid=OlHxAoqC&partner=bluekai&bk_uuid=$_BK_UUID

0
336 B

27ms
26ms

Image
text/plain

52.19.142.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?_kuid=OlHxAoqC&partner=bluekai&bk_uuid=$_BK_UUID
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Server: 52.19.142.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1641236102
x-served-by: beacon-n008-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?_kuid=OlHxAoqC&partner=bluekai&bk_uuid=$_BK_UUID
Date: Mon, 03 Jan 2022 18:55:02 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3A23
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=nRuxvhP86iuXgt4rXuCYv7AD3qOTxNiD

0
336 B

27ms
27ms

Image
text/plain

52.19.142.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=nRuxvhP86iuXgt4rXuCYv7AD3qOTxNiD
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Server: 52.19.142.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=18 t=1641236102
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=nRuxvhP86iuXgt4rXuCYv7AD3qOTxNiD
date: Mon, 03 Jan 2022 18:55:02 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 4441
content-length: 218
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2

200

p2
sb.scorecardresearch.com/ Frame 3A23
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OlHxAoqC&rn=1641236103
https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OlHxAoqC&rn=1641236103

64 B
330 B

9ms
8ms

Image
image/gif

13.35.253.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OlHxAoqC&rn=1641236103
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Server: 13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 1VzOdYTsrkmtBxoafFTHlBHtDZUFzXjfmHwS6B1522DBkMIRc84qqQ==

Redirect headers

date: Mon, 03 Jan 2022 18:55:02 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OlHxAoqC&rn=1641236103
content-length: 102
x-amz-cf-id: ZjPjH9RcMqXaWZOhxcigTLH_Cc9eFTPeXBdh-RCkqmbyxTuwY85_BA==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3A23
Redirect Chain

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OlHxAoqC&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OlHxAoqC&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=55215904391378571911515411323264510815

0
336 B

27ms
27ms

Image
text/plain

52.19.142.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=55215904391378571911515411323264510815
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Server: 52.19.142.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1641236102
x-served-by: beacon-n019-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

DCS: dcs-prod-irl1-1-v026-0af43dd6b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: bW7jayhiTys=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=55215904391378571911515411323264510815
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3A23
Redirect Chain

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID
https://beacon.krxd.net/usermatch.gif?adnxs_uid=2933844562998605552

0
336 B

28ms
28ms

Image
text/plain

52.19.142.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?adnxs_uid=2933844562998605552
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Server: 52.19.142.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=21 t=1641236102
x-served-by: beacon-n015-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Mon, 03 Jan 2022 18:55:02 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 046605b9-cf89-42ea-9ad1-f784717b7c8d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://beacon.krxd.net/usermatch.gif?adnxs_uid=2933844562998605552
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame 3A23 42 B
417 B 62ms
21ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=OlHxAoqC
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Jan 2022 18:55:02 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 3A23 0
214 B 30ms
8ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

usersync
pixel-sync.sitescout.com/connectors/krux/ Frame 3A23
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=sitescout
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OlHxAoqC&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID

0
191 B

69ms
21ms

Image
text/plain

66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OlHxAoqC&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OlHxAoqC&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
date: Mon, 03 Jan 2022 18:55:02 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3A23
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=verizon
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OlHxAoqC
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-RNz4JUVE2puqYrtXdjWqA3lZYXs2v3ZUwQ--~A

0
336 B

27ms
26ms

Image
text/plain

52.19.142.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-RNz4JUVE2puqYrtXdjWqA3lZYXs2v3ZUwQ--~A
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Server: 52.19.142.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1641236103
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 03 Jan 2022 18:55:03 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-RNz4JUVE2puqYrtXdjWqA3lZYXs2v3ZUwQ--~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sync
sync.navdmp.com/ Frame 3A23
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=navegg
https://sync.navdmp.com/sync?prtid=30&salid=OlHxAoqC

6 B
81 B

161ms
151ms

Image
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?prtid=30&salid=OlHxAoqC
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6c7e706c2dbd42e7-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

location: https://sync.navdmp.com/sync?prtid=30&salid=OlHxAoqC
date: Mon, 03 Jan 2022 18:55:02 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a001-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3A23
Redirect Chain

https://sync.1rx.io/usersync/krux/OlHxAoqC?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/krux/OlHxAoqC?zcc=1&dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1641236102871
https://sync.targeting.unrulymedia.com/csync/RX-915757fd-7e60-49e6-8c20-1268cc76eab2-003?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3DRX-915757fd-7e60-4...
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-915757fd-7e60-49e6-8c20-1268cc76eab2-003

0
336 B

28ms
27ms

Image
text/plain

52.19.142.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-915757fd-7e60-49e6-8c20-1268cc76eab2-003
Requested by: Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Protocol: H2
Server: 52.19.142.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=25 t=1641236102
x-served-by: beacon-n011-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-915757fd-7e60-49e6-8c20-1268cc76eab2-003
date: Mon, 03 Jan 2022 18:55:02 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX915757fd7e6049e68c201268cc76eab2003
content-type: text/html

GET getdata.xgi
r.nexac.com/e/ Frame 3A23 0
0

GET
H2

200

sid Show response
mug.criteo.com/ Frame D1D7
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=globoplay.globo.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=NxpI63xKcW50T0crM3cvZXZ1QzMyN3FLMmlkZUxSWTlseHZCQTJndW56VmZhOEVqTkZaQmpoamd2YmFNU1VhQmcvZTdNNTRvcEZQMVkzSVdQOWxNYnRBSkM4K3h0ZWl5OXJuV095MjAwU0RKWlZWZ0lldm00UVFkRTJVNn...

425 B
632 B

61ms
22ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=NxpI63xKcW50T0crM3cvZXZ1QzMyN3FLMmlkZUxSWTlseHZCQTJndW56VmZhOEVqTkZaQmpoamd2YmFNU1VhQmcvZTdNNTRvcEZQMVkzSVdQOWxNYnRBSkM4K3h0ZWl5OXJuV095MjAwU0RKWlZWZ0lldm00UVFkRTJVNndUVXdNYmREUTJGZ01NTHRTK1Z6NzdkWGp3UlpNT29SSFFEMjlWa0FQMkllcnMxNm55dW5KbE0yNnVLbWdMay9SUjdLZXdzV2hGTXplVGVjZnZhL2ViTnJ3VG1XWDljUDlCbnYvNkx3M1kvdE0xYnd6VktnQU4yZlhLOWc0ZTZqQUlxaWR5bys0anBwTzN3MHN2Mk9LOFF6Y2lzTy94QT09fA&cppv=2

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

356b2377584512e999488dc686267f9a505c6e8bfc39dc513ad66ae4ed3f088d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4191
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=NxpI63xKcW50T0crM3cvZXZ1QzMyN3FLMmlkZUxSWTlseHZCQTJndW56VmZhOEVqTkZaQmpoamd2YmFNU1VhQmcvZTdNNTRvcEZQMVkzSVdQOWxNYnRBSkM4K3h0ZWl5OXJuV095MjAwU0RKWlZWZ0lldm00UVFkRTJVNndUVXdNYmREUTJGZ01NTHRTK1Z6NzdkWGp3UlpNT29SSFFEMjlWa0FQMkllcnMxNm55dW5KbE0yNnVLbWdMay9SUjdLZXdzV2hGTXplVGVjZnZhL2ViTnJ3VG1XWDljUDlCbnYvNkx3M1kvdE0xYnd6VktnQU4yZlhLOWc0ZTZqQUlxaWR5bys0anBwTzN3MHN2Mk9LOFF6Y2lzTy94QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1968
content-length: 541
expires: 0

GET
H2

200

cm
ash.creativecdn.com/adx/ Frame 4C6D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=NUJNY2lVWjRzYlRYMEdyd1NVZUI%3D&pi=adx&tdc=ash&chain=
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESEPt7DluWSUYRDMoYRe1fKGY&google_cver=1&google_ula=5153224,0
https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESEPt7DluWSUYRDMoYRe1fKGY&google_cver=1&google_ula=5153224,0

42 B
243 B

116ms
108ms

Image
image/gif

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESEPt7DluWSUYRDMoYRe1fKGY&google_cver=1&google_ula=5153224,0
Requested by: Host: us.creativecdn.com
URL: https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&sr=&ts=1641236102381&tc=1
Protocol: H2
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.creativecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT, Mon, 03 Jan 2022 18:55:03 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESEPt7DluWSUYRDMoYRe1fKGY&google_cver=1&google_ula=5153224,0
date: Mon, 03 Jan 2022 18:55:02 GMT
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/ 2 KB
1 KB 144ms
57ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102820&cv=9&fst=1641236102820&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40c1ed2eb0f2be48a28fc786ea845811308d22185a5c18f17adc55c8adabe78f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/ 2 KB
2 KB 143ms
56ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102823&cv=9&fst=1641236102823&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1eea27112968d0262d374a40be84cb950d22d8029d9fcd7d81e6fc77f3dcd18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/ 2 KB
1 KB 176ms
90ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102824&cv=9&fst=1641236102824&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a63ccff69528249dada5fa6c51895a41bac1e318451c198be486d3292e7cada2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/ 2 KB
1 KB 143ms
58ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102825&cv=9&fst=1641236102825&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f38c81bae8217fa8da1256162d04e92878dc5e3c47f2245a1bdf9a0ca3252ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/ 2 KB
1 KB 143ms
59ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102826&cv=9&fst=1641236102826&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ce52239761cecbe2b1e60a71b8b5c8fd66896591edb1fe8bd6a8d2f836099ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/952156414/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102824&cv=9&fst=1641236102824&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

49ms
48ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1433146272&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1433146272&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/952156414/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102824&cv=9&fst=1641236102824&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

49ms
49ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1993595961&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1993595961&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/952156414/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102825&cv=9&fst=1641236102825&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

49ms
48ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1076512699&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1076512699&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/952156414/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102825&cv=9&fst=1641236102825&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

51ms
51ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=948460367&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=948460367&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/952156414/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952156414/?random=1641236102826&cv=9&fst=1641236102826&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102826&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102826&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

50ms
49ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102826&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1353620044&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102826&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1353620044&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/987597516/ 2 KB
1 KB 119ms
118ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987597516/?random=1641236102828&cv=9&fst=1641236102828&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83262b158f3e837e6fd08cf041c196538411d27d334f9a742c6c80249f65572f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/987597516/ 2 KB
1 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987597516/?random=1641236102829&cv=9&fst=1641236102829&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38ddeb806564c30fe4ef6f3c05eca54b346bf9429a81143728f518da7ef66af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/987597516/ 2 KB
1 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987597516/?random=1641236102830&cv=9&fst=1641236102830&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

671ad1a20c293d2d69d7931de6a3a2446fdeaff7592da1161f4480f7782f2a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/987597516/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987597516/?random=1641236102829&cv=9&fst=1641236102829&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/987597516/?random=1641236102829&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/987597516/?random=1641236102829&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

50ms
49ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/987597516/?random=1641236102829&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1566748312&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/987597516/?random=1641236102829&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=1566748312&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/987597516/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987597516/?random=1641236102830&cv=9&fst=1641236102830&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/987597516/?random=1641236102830&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/987597516/?random=1641236102830&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

48ms
47ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/987597516/?random=1641236102830&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=654339253&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/987597516/?random=1641236102830&cv=9&fst=1641232800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&is_vtc=1&random=654339253&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349;~oref=https://globoplay.globo.com/ Frame DF3B 194 B
870 B 161ms
74ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349;~oref=https://globoplay.globo.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLzjiPeglvUCFdUQBgAdlE8LNw;src=8622355;type=play;cat=allpages;ord=489684455190.349;~oref=https://globoplay.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jan 2022 18:55:02 GMT
expires: Mon, 03 Jan 2022 18:55:02 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=61498&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvp%26p%3DgHnkmg7Xvm&p3=e%3Ddis%26a%3D%255B61498%252C61498%255D&adce=1&bundle=BXLuPV9y...
https://widget.us.criteo.com/event?a=61498&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvp%26p%3DgHnkmg7Xvm&p3=e%3Ddis%26a%3D%255B61498%252C61498%255D&adce=1&bundle=BXLuPV9y...

8 KB
8 KB

310ms
109ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=61498&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvp%26p%3DgHnkmg7Xvm&p3=e%3Ddis%26a%3D%255B61498%252C61498%255D&adce=1&bundle=BXLuPV9yaW1TZU5GMUtBRHJTWGZlcXdTQ3N3bGlNZURRRk83MDFQWmI3MU9JYUJ2dWhOM05rRmxIVGFUZGVZdGFMVEZ0UkRPekw4dkF2WEdwNUxvY1dtclZJaWFKcElKRFFUeWtVYklwRWdrRDVNbmMlMkZXJTJCVFB4dDFoMWFYJTJCbFplYlU0MFZObzIlMkI3elNuVXBqSDNWYWo1a29adyUzRCUzRA&tld=globo.com&dy=1&dtycbr=1192

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

bd751eb33a4519310bdce8775ce7766f328e0cc4a8438141c48ad0201b25a9be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
content-type: application/x-javascript
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 16689470
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:02 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://widget.us.criteo.com/event?a=61498&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvp%26p%3DgHnkmg7Xvm&p3=e%3Ddis%26a%3D%255B61498%252C61498%255D&adce=1&bundle=BXLuPV9yaW1TZU5GMUtBRHJTWGZlcXdTQ3N3bGlNZURRRk83MDFQWmI3MU9JYUJ2dWhOM05rRmxIVGFUZGVZdGFMVEZ0UkRPekw4dkF2WEdwNUxvY1dtclZJaWFKcElKRFFUeWtVYklwRWdrRDVNbmMlMkZXJTJCVFB4dDFoMWFYJTJCbFplYlU0MFZObzIlMkI3elNuVXBqSDNWYWo1a29adyUzRCUzRA&tld=globo.com&dy=1&dtycbr=1192
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5311906
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
36ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=50580111&t=event&ni=1&_s=5&dl=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&dp=%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&ul=en-us&de=UTF-8&dt=Assistir%20online%20no%20Globoplay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Fixel&ea=Med&el=globoplay&_u=aLAAgAABAAAAAE~&jid=&gjid=&cid=146818781.1641236101&tid=UA-296593-56&_gid=390879986.1641236103&cd14=3.499.1&cd23=direct&cd94=146818781.1641236101&cd36=desktop&cd52=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F96.0.4664.93%20safari%2F537.36&cd19=desconhecido&cd95=desconhecido&cd1=web&cd28=DE&cd29=globo-play-eu&cd35=padrao&cd43=false&cd10=(Nenhum)&z=1427787984

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 07:11:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42215
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

src=8622355;dc_pre=CI3ZpfeglvUCFRPSGQodbDQCDw;type=playsig;cat=globo000;u13=Med;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8622355;type=playsig;cat=globo000;u13=Med;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8622355;dc_pre=CI3ZpfeglvUCFRPSGQodbDQCDw;type=playsig;cat=globo000;u13=Med;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8622355;dc_pre=CI3ZpfeglvUCFRPSGQodbDQCDw;type=playsig;cat=globo000;u13=Med;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
63 B

124ms
76ms

Image
image/gif

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8622355;dc_pre=CI3ZpfeglvUCFRPSGQodbDQCDw;type=playsig;cat=globo000;u13=Med;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=8622355;dc_pre=CI3ZpfeglvUCFRPSGQodbDQCDw;type=playsig;cat=globo000;u13=Med;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
10ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=Fixel_globoplay_Med&dl=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&rl=&if=false&ts=1641236102952&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmtealium&ec=2&o=30&fbp=fb.1.1641236102538.1499503137&it=1641236102438&coo=false&exp=p0&rqm=GET

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 03 Jan 2022 18:55:02 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
36ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=50580111&t=event&ni=1&_s=6&dl=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&dp=%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&ul=en-us&de=UTF-8&dt=Assistir%20online%20no%20Globoplay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Fixel&ea=Basic&el=globoplay&_u=aLAAgAABAAAAAE~&jid=&gjid=&cid=146818781.1641236101&tid=UA-296593-56&_gid=390879986.1641236103&cd14=3.499.1&cd23=direct&cd94=146818781.1641236101&cd36=desktop&cd52=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F96.0.4664.93%20safari%2F537.36&cd19=desconhecido&cd95=desconhecido&cd1=web&cd28=DE&cd29=globo-play-eu&cd35=padrao&cd43=false&cd10=(Nenhum)&z=1280672177

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 07:11:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42215
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

src=8622355;dc_pre=CPDapfeglvUCFaBFHgIdMWcBJA;type=playsig;cat=globo000;u13=Basic;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8622355;type=playsig;cat=globo000;u13=Basic;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8622355;dc_pre=CPDapfeglvUCFaBFHgIdMWcBJA;type=playsig;cat=globo000;u13=Basic;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8622355;dc_pre=CPDapfeglvUCFaBFHgIdMWcBJA;type=playsig;cat=globo000;u13=Basic;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
63 B

123ms
77ms

Image
image/gif

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8622355;dc_pre=CPDapfeglvUCFaBFHgIdMWcBJA;type=playsig;cat=globo000;u13=Basic;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=8622355;dc_pre=CPDapfeglvUCFaBFHgIdMWcBJA;type=playsig;cat=globo000;u13=Basic;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=Fixel_globoplay_Basic&dl=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&rl=&if=false&ts=1641236102955&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmtealium&ec=3&o=30&fbp=fb.1.1641236102538.1499503137&it=1641236102438&coo=false&exp=p0&rqm=GET

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 03 Jan 2022 18:55:02 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/952156414/ 42 B
64 B 105ms
55ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102823&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=2883864568&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/952156414/ 42 B
64 B 96ms
49ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102823&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=2883864568&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/952156414/ 42 B
64 B 103ms
56ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102820&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=3009368795&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/952156414/ 42 B
64 B 98ms
51ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102820&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=3009368795&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/952156414/ 42 B
64 B 103ms
56ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=4286443994&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/952156414/ 42 B
64 B 93ms
48ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102825&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=4286443994&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/952156414/ 42 B
64 B 97ms
52ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102826&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=2016916608&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/952156414/ 42 B
64 B 95ms
52ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102826&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=2016916608&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ Frame 4DF8 43 B
998 B 14ms
13ms Image
image/gif 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=315&code=5BMciUZ4sbTX0GrwSUeB

Requested by

Host: us.creativecdn.com
URL: https://us.creativecdn.com/tags?type=iframe&id=pr_1zSyBx00pXTGj9bZFsVT_offer_gHnkmg7Xvm&id=pr_1zSyBx00pXTGj9bZFsVT_custom_usergroup_desconhecido&id=pr_1zSyBx00pXTGj9bZFsVT_lid_elbfvvHShGfvAuO8Xcgj&su=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&sr=&ts=1641236102385&tc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.creativecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jan 2022 18:55:02 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f0a3b10c-4669-4fc0-86f7-45dc59e7e4d3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 helper_4803.js Show response
poscompra.shopconvert.com.br/js/ 0
134 B 105ms
105ms Script
application/x-javascript 3.233.108.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://poscompra.shopconvert.com.br/js/helper_4803.js
Requested by: Host: poscompra.shopconvert.com.br
URL: https://poscompra.shopconvert.com.br/js/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.108.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-108-24.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
last-modified: Tue, 29 Jan 2019 15:55:27 GMT
server: nginx
accept-ranges: bytes
etag: "5c50776f-0"
content-length: 0
content-type: application/x-javascript

GET
H2 200 4803 Show response
poscompra.shopconvert.com.br/cm/adsChecking/ 2 B
140 B 309ms
104ms XHR
application/json 3.233.108.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://poscompra.shopconvert.com.br/cm/adsChecking/4803
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.108.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-108-24.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Jan 2022 18:55:03 GMT
content-encoding: gzip
server: nginx
content-type: application/json

GET
H3 200 /
www.google.com/pagead/1p-user-list/952156414/ 42 B
64 B 69ms
53ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=3835613757&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/952156414/ 42 B
64 B 73ms
59ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/952156414/?random=1641236102824&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3DgHnkmg7Xvm&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=3835613757&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/987597516/ 42 B
64 B 67ms
54ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/987597516/?random=1641236102829&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=3542283479&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/987597516/ 42 B
64 B 60ms
48ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/987597516/?random=1641236102829&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=3542283479&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/987597516/ 42 B
64 B 54ms
54ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/987597516/?random=1641236102828&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=1286509784&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/987597516/ 42 B
64 B 48ms
48ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/987597516/?random=1641236102828&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=1286509784&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=Microdata&dl=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&rl=&if=false&ts=1641236103041&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Assistir%20%20online%20no%20Globoplay%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F%22%2C%22og%3Atype%22%3A%22%22%2C%22og%3Aimage%3Aalt%22%3A%22Globoplay%22%2C%22og%3Asite_name%22%3A%22Globoplay%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs2.glbimg.com%2FzML_6QWy2cb3NV2YibXDp-lH2nI%3D%2F362x536%2Fhttps%3A%2F%2Fs2.glbimg.com%2FanQN5dh6kgH4HFNOMdJ9ZxUVUZc%3D%2Fi.s3.glbimg.com%2Fv1%2FAUTH_c3c606ff68e7478091d1ca496f9c5625%2Finternal_photos%2Fbs%2F2021%2Fq%2Fa%2F1BcjdkQCG0uFs1gpOgGA%2F2021-1465-malhacao-sonhos-poster.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22type%22%3A%22WebPage%22%2C%22url%22%3A%22https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F%22%2C%22image%22%3A%22https%3A%2F%2Fs2.glbimg.com%2FzML_6QWy2cb3NV2YibXDp-lH2nI%3D%2F362x536%2Fhttps%3A%2F%2Fs2.glbimg.com%2FanQN5dh6kgH4HFNOMdJ9ZxUVUZc%3D%2Fi.s3.glbimg.com%2Fv1%2FAUTH_c3c606ff68e7478091d1ca496f9c5625%2Finternal_photos%2Fbs%2F2021%2Fq%2Fa%2F1BcjdkQCG0uFs1gpOgGA%2F2021-1465-malhacao-sonhos-poster.jpg%22%7D%2C%7B%7D%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmtealium&ec=4&o=30&fbp=fb.1.1641236102538.1499503137&it=1641236102438&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 03 Jan 2022 18:55:03 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/987597516/ 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/987597516/?random=1641236102830&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=1988451167&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/987597516/ 42 B
64 B 50ms
49ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/987597516/?random=1641236102830&cv=9&fst=1641232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgloboplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&tiba=Assistir%20online%20no%20Globoplay&async=1&fmt=3&is_vtc=1&random=1988451167&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10174909.jpg
s02.video.glbimg.com/x216/ 15 KB
15 KB 1180ms
672ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s02.video.glbimg.com/x216/10174909.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

100ab914be7087e06ee640f04de426c52c24d71bac313c6f691528ceb7856d75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1055960224 ra03 11 04
age: 71906
content-transfer-encoding: binary
content-disposition: inline; filename="10174909_x216.jpg"
content-length: 14857
x-xss-protection: 1; mode=block
x-request-id: c046b68f-e00a-40ff-b1ce-4dbf70c1b75e
x-runtime: 0.185512
last-modified: Fri, 31 Dec 2021 22:29:38 GMT
x-thanos: 0AB1D00B
etag: 14caf138b806690087af3b57b5c03f284f020dda
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 10:56:37 GMT

GET
H2 200 10172800.jpg
s01.video.glbimg.com/x216/ 15 KB
16 KB 1011ms
449ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.video.glbimg.com/x216/10172800.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

434abdec4d49b8bdd1c1c22b2654a77262f0968aec3c8bb03aebce56199f7e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1051777456 ra03 11 06
age: 64489
content-transfer-encoding: binary
content-disposition: inline; filename="10172800_x216.jpg"
content-length: 15430
x-xss-protection: 1; mode=block
x-request-id: 2462aac8-8a65-44e7-bd4a-74f74fca7acc
x-runtime: 0.302776
last-modified: Fri, 31 Dec 2021 00:28:00 GMT
x-thanos: 0AB1D011
etag: 04134e4c75ccc7ae07897df86acc15629dd937f0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 13:00:13 GMT

GET
H2 200 10169258.jpg
s03.video.glbimg.com/x216/ 14 KB
15 KB 688ms
226ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s03.video.glbimg.com/x216/10169258.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

08bc2b0a45a18f819514b324a81fba9433e925acfc9122e853e3034c83a83c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1062880320 ra09 20 02
age: 73375
content-transfer-encoding: binary
content-disposition: inline; filename="10169258_x216.jpg"
content-length: 14391
x-xss-protection: 1; mode=block
x-request-id: aafce315-d818-403c-a60c-4041940bd4a2
x-runtime: 0.328896
last-modified: Wed, 29 Dec 2021 21:49:37 GMT
x-thanos: 0AB4D011
etag: 8741848f8216c17d8c8f18803db2556752e142a7
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 10:32:08 GMT

GET
H2 200 10165725.jpg
s02.video.glbimg.com/x216/ 15 KB
15 KB 1181ms
673ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s02.video.glbimg.com/x216/10165725.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

248ff21c1f60a7d465f8425410c566403ee878da5acc04f4651fa6d70e8315b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1054436211 ra03 11 04
age: 66772
content-transfer-encoding: binary
content-disposition: inline; filename="10165725_x216.jpg"
content-length: 15387
x-xss-protection: 1; mode=block
x-request-id: 38e53d78-c263-40a6-a9d1-64a75b38cfa1
x-runtime: 0.172943
last-modified: Wed, 29 Dec 2021 00:06:28 GMT
x-thanos: 0AB1D00B
etag: a1b671c100005ff392c8da55511d3eee356406e6
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 12:22:11 GMT

GET
H2 200 10162520.jpg
s01.video.glbimg.com/x216/ 12 KB
13 KB 786ms
225ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.video.glbimg.com/x216/10162520.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

e1bfc673d78e558e00af3b49e472918c717488e107f935afc398f32cbfe0fa70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1055392902 ra03 11 06
age: 70811
content-transfer-encoding: binary
content-disposition: inline; filename="10162520_x216.jpg"
content-length: 12390
x-xss-protection: 1; mode=block
x-request-id: 575976b4-f0c0-4e8a-bb68-37749e3f9468
x-runtime: 0.367064
last-modified: Mon, 27 Dec 2021 22:56:51 GMT
x-thanos: 0AB1D011
etag: 484ab7cd963659c45b1a3bee1c491c363497c31e
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 11:14:52 GMT

GET
H2 200 10157309.jpg
s02.video.glbimg.com/x216/ 13 KB
13 KB 956ms
449ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s02.video.glbimg.com/x216/10157309.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

a4a3ca1133982c1d5f29218e6cbb42afea3a0bc2c1ba389af961f8e9dff9dbf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1053120738 ra03 11 04
age: 71233
content-transfer-encoding: binary
content-disposition: inline; filename="10157309_x216.jpg"
content-length: 12876
x-xss-protection: 1; mode=block
x-request-id: 4e1c7178-2e43-480d-a77c-9b9a6c219d57
x-runtime: 0.180359
last-modified: Fri, 24 Dec 2021 22:35:49 GMT
x-thanos: 0AB1D00B
etag: 85e12fa0ba68f0667e7be81d75c73629ee54d6df
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 11:07:50 GMT

GET
H2 200 10154206.jpg
s03.video.glbimg.com/x216/ 10 KB
11 KB 1136ms
675ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s03.video.glbimg.com/x216/10154206.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

992b4863f11221352c9359ee714d3dd1e6c6fa7c89cf589defa4061b24b135b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1062851205 ra09 20 02
age: 58156
content-transfer-encoding: binary
content-disposition: inline; filename="10154206_x216.jpg"
content-length: 10707
x-xss-protection: 1; mode=block
x-request-id: 60979a57-af56-4727-9ff8-03628e953edb
x-runtime: 0.181902
last-modified: Thu, 23 Dec 2021 23:57:15 GMT
x-thanos: 0AB4D011
etag: d0214325bd5fd8d1361e48622b8fab9a9185f07d
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 14:45:46 GMT

GET
H2 200 10151174.jpg
s03.video.glbimg.com/x216/ 15 KB
16 KB 1300ms
900ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s03.video.glbimg.com/x216/10151174.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

0e723c8f1b081f76436ab6198adb0c0a0c26b7cdc0e74c17f0917e025084fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1061907357 ra09 20 02
age: 68893
content-transfer-encoding: binary
content-disposition: inline; filename="10151174_x216.jpg"
content-length: 15656
x-xss-protection: 1; mode=block
x-request-id: 182028c5-14eb-44a4-9fba-df25b741b06c
x-runtime: 0.297247
last-modified: Wed, 22 Dec 2021 21:44:41 GMT
x-thanos: 0AB4D011
etag: 89d6c501ee20ef4b185f8660def7ffcc19ec10a6
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 11:46:50 GMT

GET
H2 200 10148002.jpg
s03.video.glbimg.com/x216/ 13 KB
14 KB 849ms
451ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s03.video.glbimg.com/x216/10148002.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

f04e63a1c62b5533546104f1354b475093a104135c76cbd7c6c9509bcc4832e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1061354776 ra09 20 02
age: 68893
content-transfer-encoding: binary
content-disposition: inline; filename="10148002_x216.jpg"
content-length: 13389
x-xss-protection: 1; mode=block
x-request-id: 9749a2fe-5923-47f9-af46-85703a284a0c
x-runtime: 0.335098
last-modified: Tue, 21 Dec 2021 21:48:18 GMT
x-thanos: 0AB4D011
etag: 37ff7fb5cd2c2cf3c147df96446efeb4e7bcbd77
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 11:46:50 GMT

GET
H2 200 10144722.jpg
s03.video.glbimg.com/x216/ 10 KB
11 KB 1075ms
677ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s03.video.glbimg.com/x216/10144722.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

4c23aeb05cbabee0516188b7ed24bae783840eb13585efae6645e7ad94086c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1063143888 ra09 20 02
age: 65558
content-transfer-encoding: binary
content-disposition: inline; filename="10144722_x216.jpg"
content-length: 10385
x-xss-protection: 1; mode=block
x-request-id: ebe6c766-83d4-4341-8379-99c6bdca188c
x-runtime: 0.168641
last-modified: Mon, 20 Dec 2021 22:47:20 GMT
x-thanos: 0AB4D011
etag: b973e4ede36b4bf698d37e2e5c0a59d19d62f7f6
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 12:42:25 GMT

GET
H2 200 10138950.jpg
s03.video.glbimg.com/x216/ 11 KB
12 KB 948ms
676ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s03.video.glbimg.com/x216/10138950.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

0dd43370568388e92ff6bcf241afa934aac630fb559b343930f980c07a260bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1063441276 ra09 20 02
age: 65558
content-transfer-encoding: binary
content-disposition: inline; filename="10138950_x216.jpg"
content-length: 11451
x-xss-protection: 1; mode=block
x-request-id: e0311597-1bc0-4a68-95c7-ba4095eb6080
x-runtime: 0.339846
last-modified: Fri, 17 Dec 2021 21:53:02 GMT
x-thanos: 0AB4D011
etag: 70aafdd36af4c8c8f2ed2b10705d157ed60e3255
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 12:42:25 GMT

GET
H2 200 10135254.jpg
s03.video.glbimg.com/x216/ 15 KB
16 KB 821ms
821ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s03.video.glbimg.com/x216/10135254.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

4eef68c81749c8d56e8fb42b6a1b8709757124b145b45fdc6876fff394e7f44d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1063339276 ra09 20 02
age: 65821
content-transfer-encoding: binary
content-disposition: inline; filename="10135254_x216.jpg"
content-length: 15735
x-xss-protection: 1; mode=block
x-request-id: 7eae5bb9-76d0-4335-b7d5-fdd34432756b
x-runtime: 0.319772
last-modified: Thu, 16 Dec 2021 21:50:20 GMT
x-thanos: 0AB4D011
etag: e448af85146321be26bc0dad4ba35f86f38b1e5f
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 12:38:02 GMT

GET
H2 200 10131698.jpg
s03.video.glbimg.com/x216/ 14 KB
15 KB 821ms
821ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s03.video.glbimg.com/x216/10131698.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

214175e2184c0c50ba43c4662433b3154509a30ec46c4f11ddf2d865a4dc37eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1062524750 ra09 20 02
age: 65821
content-transfer-encoding: binary
content-disposition: inline; filename="10131698_x216.jpg"
content-length: 14482
x-xss-protection: 1; mode=block
x-request-id: 85c66a76-a37e-4b2d-a8a5-caa19cca20bb
x-runtime: 0.349799
last-modified: Wed, 15 Dec 2021 21:11:42 GMT
x-thanos: 0AB4D011
etag: 00ca4c2d86f435d8e99f23b393776f4fd0652ef9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 12:38:02 GMT

GET
H2 200 10128317.jpg
s02.video.glbimg.com/x216/ 16 KB
16 KB 543ms
224ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s02.video.glbimg.com/x216/10128317.jpg

Requested by

Host: globoplay.globo.com
URL: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

bfd9f4e9ba37ed3e147bf232c521d468165f24abcf05da6113c572b61ad37ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1055869474 ra03 11 04
age: 66009
content-transfer-encoding: binary
content-disposition: inline; filename="10128317_x216.jpg"
content-length: 15926
x-xss-protection: 1; mode=block
x-request-id: f98fdc84-9949-4d44-965c-49124d8fc689
x-runtime: 0.278851
last-modified: Tue, 14 Dec 2021 21:40:16 GMT
x-thanos: 0AB1D00B
etag: 7e8db11d624e801d756e3b65d37b9c1a088911e1
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Mon, 03 Jan 2022 12:34:53 GMT

POST
H2 200 customer Show response
api.shopback.net/auth/ 743 B
989 B 304ms
111ms Fetch
application/json 54.87.32.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.shopback.net/auth/customer

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.32.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-32-120.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5af567d8205c8a716ccafa885f06c1c46f8a0068aad4343ccda19c962ce7d95e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://globoplay.globo.com/
referer-new: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://globoplay.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Authorization, Client-Security-Token, Session, Cookie, Access-Control-Request-Method

OPTIONS
H2 200 customer
api.shopback.net/auth/ Frame 0
0 309ms
99ms Preflight
text/html 54.87.32.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.shopback.net/auth/customer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.32.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-32-120.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,referer-new
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
content-type: text/html; charset=UTF-8
server: nginx
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-headers: content-type,referer-new
strict-transport-security: max-age=31536000
content-encoding: gzip

GET
H3 200 ad350. Show response
fundingchoicesmessages.google.com/f/AGSKWxUOzRVTr-0ZLtsvt41CB1PlEA3TMd8FZa23VpdKvpAzdlfM9B6XQrUbdW_Ek0bDZfCMjlqLPXXMVuNhqrW6Mt_SGj4jGMqZLKojJXDdQI9scVtg0OFivxXOKYI0ivbHztjfv17DFaScEcsnzqYPlLHJSPLtY... 54 B
106 B 53ms
53ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUOzRVTr-0ZLtsvt41CB1PlEA3TMd8FZa23VpdKvpAzdlfM9B6XQrUbdW_Ek0bDZfCMjlqLPXXMVuNhqrW6Mt_SGj4jGMqZLKojJXDdQI9scVtg0OFivxXOKYI0ivbHztjfv17DFaScEcsnzqYPlLHJSPLtYsg6Afzz4Z3xccF6ZS4-IuSZcydawiL6NEdvdClNboxr8lE6sBy4yXMfbvYVIZM5AVX5pzFqE2gqqnY1/_/ads/google1./adjug./ads/dfp._ad_new_/ad350.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.I5jW2UAii_k.es5.O/d=1/rs=AJlcJMwiQ1qOE2WmVgvKS10X_j49PsLaBg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35a6a9dbfb2006511eced5c412782d86d8ac3cef54aea2bfb5179bd0e9789981

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rOVHBJDrCa41/esUKaFOrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rOVHBJDrCa41/esUKaFOrQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rOVHBJDrCa41/esUKaFOrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rOVHBJDrCa41/esUKaFOrQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 77 KB
29 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.I5jW2UAii_k.es5.O/d=1/rs=AJlcJMwiQ1qOE2WmVgvKS10X_j49PsLaBg/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0df407f131fd1642dac24393a6b033a08d1d292efeebc6778420f3783226674b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28848
x-xss-protection: 0
server: cafe
etag: 14024096500258906348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 19:45:53 GMT

POST
H3 204 AGSKWxWGppP-c4jzs_MF4nhk0QfQADT1suN_JZ3JF6faZFjd6cHZ1xFuMfk9XSd_DQPIFVUB7dCVmopTH1alTUwwGVU2zVBCsJSgqanx1n5vb46PgyMxoBzQmlT8lYQ16hSYrEwfui8MDvQ-sFKzDQ13b1JP8yys08AOiV3Vp5T7Hn9RPGHjZVupFZ31Dw== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 136ms
89ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGppP-c4jzs_MF4nhk0QfQADT1suN_JZ3JF6faZFjd6cHZ1xFuMfk9XSd_DQPIFVUB7dCVmopTH1alTUwwGVU2zVBCsJSgqanx1n5vb46PgyMxoBzQmlT8lYQ16hSYrEwfui8MDvQ-sFKzDQ13b1JP8yys08AOiV3Vp5T7Hn9RPGHjZVupFZ31Dw==

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6zAQp16tMDTQm+paNesLWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6zAQp16tMDTQm+paNesLWg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://globoplay.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6zAQp16tMDTQm+paNesLWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6zAQp16tMDTQm+paNesLWg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWGppP-c4jzs_MF4nhk0QfQADT1suN_JZ3JF6faZFjd6cHZ1xFuMfk9XSd_DQPIFVUB7dCVmopTH1alTUwwGVU2zVBCsJSgqanx1n5vb46PgyMxoBzQmlT8lYQ16hSYrEwfui8MDvQ-sFKzDQ13b1JP8yys08AOiV3Vp5T7Hn9RPGHjZVupFZ31Dw== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 89ms
88ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DWk27wm0oJ7zIbNEsFf5lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DWk27wm0oJ7zIbNEsFf5lg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://globoplay.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DWk27wm0oJ7zIbNEsFf5lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DWk27wm0oJ7zIbNEsFf5lg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK globoplay
horizon-track.globo.com/event/ 0
540 B 1183ms
464ms Ping
text/plain 131.0.25.125
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-track.globo.com/event/globoplay

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.125 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-125.prt.globo.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryMaAoaXVvhcG5aAFw

Response headers

Date: Mon, 03 Jan 2022 18:55:04 GMT
Server: nginx
X-Served-From: hzt-tsuru
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://globoplay.globo.com
Connection: keep-alive
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=60
Access-Control-Allow-Headers: user,User-Agent,Content-Type,GLBID,GLBUID,GST
Content-Length: 0

POST
H2 200 start Show response
api.shopback.net/clients/5bbbcb9621968f9b2c016802/customers/$2waykWRFRkZalmeBFVeqVkTVRDcj1GV55EWqFmUo1mbaxmM6VFNqVTTsRDaZlneY1UQ6JXT5R1cOd1aIJFMqRUW2$12/tracking/ 875 B
746 B 106ms
106ms Fetch
application/json 54.87.32.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.shopback.net/clients/5bbbcb9621968f9b2c016802/customers/$2waykWRFRkZalmeBFVeqVkTVRDcj1GV55EWqFmUo1mbaxmM6VFNqVTTsRDaZlneY1UQ6JXT5R1cOd1aIJFMqRUW2$12/tracking/start

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.32.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-32-120.compute-1.amazonaws.com

Software

nginx /

Resource Hash

361006c5423524e808114a58e9ea3b8c790baa59b21e601982628902f1a3f4df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://globoplay.globo.com/
referer-new: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Accept-Language: de-DE,de;q=0.9
authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJhcGkuc2JhY2sudGVjaCIsImlhdCI6MTY0MTIzNjEwMywiZXhwIjoxNjQxMzIyNTAzLCJhcGkiOiJ2MiIsImRhdGEiOnsiY2xpZW50X2lkIjoiNWJiYmNiOTYyMTk2OGY5YjJjMDE2ODAyIiwiY2xpZW50X2RvbWFpbiI6Imdsb2JvcGxheS5nbG9iby5jb20iLCJjdXN0b21lcl9pZCI6IjYxZDM0Njg3NWNkZjY1Mjg2MzMzNWQ0YiIsImN1c3RvbWVyX2Fub255bW91cyI6dHJ1ZSwiY29ubmVjdGlvbl9pZCI6IjYxZDM0Njg3NWNkZjY1Mjg2MzMzNWQ0YyIsImFjY2Vzc19sZXZlbCI6ImN1c3RvbWVyIn19.teqh3rnKxDDXDuyn4lPEIWsOsyh99L8zWkG2_xBrR2c.WrWruyzRWrgPKquyWrqBKq
content-type: application/json

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://globoplay.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Authorization, Client-Security-Token, Session, Cookie, Access-Control-Request-Method

OPTIONS
H2 200 start
api.shopback.net/clients/5bbbcb9621968f9b2c016802/customers/$2waykWRFRkZalmeBFVeqVkTVRDcj1GV55EWqFmUo1mbaxmM6VFNqVTTsRDaZlneY1UQ6JXT5R1cOd1aIJFMqRUW2$12/tracking/ Frame 0
0 98ms
98ms Preflight
text/html 54.87.32.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.shopback.net/clients/5bbbcb9621968f9b2c016802/customers/$2waykWRFRkZalmeBFVeqVkTVRDcj1GV55EWqFmUo1mbaxmM6VFNqVTTsRDaZlneY1UQ6JXT5R1cOd1aIJFMqRUW2$12/tracking/start

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.32.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-32-120.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,referer-new
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 03 Jan 2022 18:55:03 GMT
content-type: text/html; charset=UTF-8
server: nginx
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-headers: authorization,content-type,referer-new
strict-transport-security: max-age=31536000
content-encoding: gzip

OPTIONS
H2 200 get
ckies.net/ Frame 0
0 188ms
187ms Preflight
text/html 13.35.253.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckies.net/get?filter=w&source=https%3A%2F%2Fgloboplay.globo.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-69.fra6.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,referer-new
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 03 Jan 2022 18:55:04 GMT
server: nginx
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
access-control-allow-headers: authorization,content-type,referer-new
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 0UAsTWjHfzcwseyz9u_ZiM66W_nK_HCzVEunVV4pFDAGxlRZWs1Uaw==

GET
H2 200 get Show response
ckies.net/ 2 B
673 B 192ms
192ms Fetch
application/json 13.35.253.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckies.net/get?filter=w&source=https%3A%2F%2Fgloboplay.globo.com
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-69.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://globoplay.globo.com/
referer-new: https://globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm/
Accept-Language: de-DE,de;q=0.9
authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJhcGkuc2JhY2sudGVjaCIsImlhdCI6MTY0MTIzNjEwMywiZXhwIjoxNjQxMzIyNTAzLCJhcGkiOiJ2MiIsImRhdGEiOnsiY2xpZW50X2lkIjoiNWJiYmNiOTYyMTk2OGY5YjJjMDE2ODAyIiwiY2xpZW50X2RvbWFpbiI6Imdsb2JvcGxheS5nbG9iby5jb20iLCJjdXN0b21lcl9pZCI6IjYxZDM0Njg3NWNkZjY1Mjg2MzMzNWQ0YiIsImN1c3RvbWVyX2Fub255bW91cyI6dHJ1ZSwiY29ubmVjdGlvbl9pZCI6IjYxZDM0Njg3NWNkZjY1Mjg2MzMzNWQ0YyIsImFjY2Vzc19sZXZlbCI6ImN1c3RvbWVyIn19.teqh3rnKxDDXDuyn4lPEIWsOsyh99L8zWkG2_xBrR2c.WrWruyzRWrgPKquyWrqBKq
content-type: application/json

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://globoplay.globo.com
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Authorization, Client-Security-Token, Session, Cookie, Access-Control-Request-Method
x-amz-cf-id: GGNrEMSGUaL0KpIvERz6rvA9x--p5dtsKplB8s9MSto2Z34Vm-P7vA==
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)

POST
H3 204 AGSKWxWGppP-c4jzs_MF4nhk0QfQADT1suN_JZ3JF6faZFjd6cHZ1xFuMfk9XSd_DQPIFVUB7dCVmopTH1alTUwwGVU2zVBCsJSgqanx1n5vb46PgyMxoBzQmlT8lYQ16hSYrEwfui8MDvQ-sFKzDQ13b1JP8yys08AOiV3Vp5T7Hn9RPGHjZVupFZ31Dw== Show response
fundingchoicesmessages.google.com/el/ 0
26 B 54ms
54ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jFxUnipj4b/inYWhZF7Heg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-jFxUnipj4b/inYWhZF7Heg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://globoplay.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-jFxUnipj4b/inYWhZF7Heg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-jFxUnipj4b/inYWhZF7Heg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXrJSdfcQXFItXGlN77RmV4XN-OCOpXS0K4Aqf2gSNt5_UH-MRIwIRu4se9qG4giBxZHKjb0H_pKuGUZedn0HC6WZI-X0M4qNWRmio_XtLcDpg2EAtRNpnW2rxIOIxa1f_yCgee6OdGwIzpcbpW53KbX10ECBiH-UURp1UhtMEQzyZQTvspCnTtcw== Show response
fundingchoicesmessages.google.com/f/ 38 KB
14 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXrJSdfcQXFItXGlN77RmV4XN-OCOpXS0K4Aqf2gSNt5_UH-MRIwIRu4se9qG4giBxZHKjb0H_pKuGUZedn0HC6WZI-X0M4qNWRmio_XtLcDpg2EAtRNpnW2rxIOIxa1f_yCgee6OdGwIzpcbpW53KbX10ECBiH-UURp1UhtMEQzyZQTvspCnTtcw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQxMjM2MTA0LDI3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vZ2xvYm9wbGF5Lmdsb2JvLmNvbS9tYWxoYWNhby1zb25ob3MvdC9nSG5rbWc3WHZtLyIsbnVsbCxbXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.I5jW2UAii_k.es5.O/d=1/rs=AJlcJMwiQ1qOE2WmVgvKS10X_j49PsLaBg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

25b741d263838ec4d526084107a89e6331e3927d6e6feb14f0eaea4674bb87ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wZit6heFdCR0Bw96JpzyJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-wZit6heFdCR0Bw96JpzyJA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-wZit6heFdCR0Bw96JpzyJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-wZit6heFdCR0Bw96JpzyJA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWGppP-c4jzs_MF4nhk0QfQADT1suN_JZ3JF6faZFjd6cHZ1xFuMfk9XSd_DQPIFVUB7dCVmopTH1alTUwwGVU2zVBCsJSgqanx1n5vb46PgyMxoBzQmlT8lYQ16hSYrEwfui8MDvQ-sFKzDQ13b1JP8yys08AOiV3Vp5T7Hn9RPGHjZVupFZ31Dw== Show response
fundingchoicesmessages.google.com/el/ 0
26 B 86ms
86ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dbnCWiF/8W+relw3H/q0QA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dbnCWiF/8W+relw3H/q0QA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://globoplay.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-dbnCWiF/8W+relw3H/q0QA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dbnCWiF/8W+relw3H/q0QA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUDv_b1HXkYfjeMs8Um7iinDOua-3J8SnqaP7tuMSyH4Mj82c_SUNVCEM_uI0faXDyIwsjtenfS46-ac6s7VgWuXsSdrGUjmgwbpsX6Kq6eK0_XvcDnr85GieJbjHBsmWI-lH35hRXELeBphdThzyvoRXZv_Nnmg6lfC4MPC-c31p9rS7XIvNcFBg== Show response
fundingchoicesmessages.google.com/el/ 0
26 B 54ms
54ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUDv_b1HXkYfjeMs8Um7iinDOua-3J8SnqaP7tuMSyH4Mj82c_SUNVCEM_uI0faXDyIwsjtenfS46-ac6s7VgWuXsSdrGUjmgwbpsX6Kq6eK0_XvcDnr85GieJbjHBsmWI-lH35hRXELeBphdThzyvoRXZv_Nnmg6lfC4MPC-c31p9rS7XIvNcFBg==

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Oswnw8slQRWn5+YAd0NvaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Oswnw8slQRWn5+YAd0NvaQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://globoplay.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Oswnw8slQRWn5+YAd0NvaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Oswnw8slQRWn5+YAd0NvaQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUDv_b1HXkYfjeMs8Um7iinDOua-3J8SnqaP7tuMSyH4Mj82c_SUNVCEM_uI0faXDyIwsjtenfS46-ac6s7VgWuXsSdrGUjmgwbpsX6Kq6eK0_XvcDnr85GieJbjHBsmWI-lH35hRXELeBphdThzyvoRXZv_Nnmg6lfC4MPC-c31p9rS7XIvNcFBg== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 88ms
88ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MObIzy9wEvR5YX/fpkFn7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-MObIzy9wEvR5YX/fpkFn7Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://globoplay.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MObIzy9wEvR5YX/fpkFn7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-MObIzy9wEvR5YX/fpkFn7Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUDv_b1HXkYfjeMs8Um7iinDOua-3J8SnqaP7tuMSyH4Mj82c_SUNVCEM_uI0faXDyIwsjtenfS46-ac6s7VgWuXsSdrGUjmgwbpsX6Kq6eK0_XvcDnr85GieJbjHBsmWI-lH35hRXELeBphdThzyvoRXZv_Nnmg6lfC4MPC-c31p9rS7XIvNcFBg== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 90ms
90ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-epD1X5tLP+AwVhWqAu6TQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-epD1X5tLP+AwVhWqAu6TQw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://globoplay.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-epD1X5tLP+AwVhWqAu6TQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-epD1X5tLP+AwVhWqAu6TQw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK FXL-111-1159 Show response
api.fixelapp.com/api/v2/grade/ 59 B
358 B 114ms
114ms XHR
application/json 52.72.241.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fixelapp.com/api/v2/grade/FXL-111-1159
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.241.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-241-250.compute-1.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: fbd6017683e5e98f08bfd009f39340d0de149de152dcd3f31a9e1f396d658212

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 03 Jan 2022 18:55:04 GMT
Server: nginx/1.18.0
X-Powered-By: Express
ETag: W/"3b-MHOysIYepHURITDETSm+FLu2xvA"
Access-Control-Allow-Methods: *
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 59

GET
H2

200

radar.js Show response
radar.cedexis.com/1621860284/
Redirect Chain

https://radar.cedexis.com/1/23346/radar.js
https://radar.cedexis.com/1621860284/radar.js

44 KB
19 KB

24ms
24ms

Script
application/javascript

35.241.57.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1621860284/radar.js
Protocol: H2
Server: 35.241.57.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.57.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 38b126f92a3104c7d73e1cf2f448db9896d4f29ebf3a7b593b380e6cdd0ae378

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
content-encoding: gzip
last-modified: Mon, 24 May 2021 13:00:31 GMT
server: nginx
etag: W/"60aba36f-af61"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=1209600, public
alt-svc: clear
expires: Mon, 17 Jan 2022 18:55:04 GMT

Redirect headers

date: Mon, 03 Jan 2022 18:55:04 GMT
via: 1.1 google
server: nginx
vary: User-Agent,DNT
content-type: text/html
location: /1621860284/radar.js
cache-control: max-age=600
alt-svc: clear
content-length: 154
expires: Mon, 03 Jan 2022 19:05:04 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 78 B
236 B 27ms
27ms Script
text/javascript 52.19.142.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.globo.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.142.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ed4042bf71d9ce59db0148f69b57e45f9f042911fd8aaaa669bdcb41a2a72b7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=82 t=1641236104
x-served-by: beacon-n013-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 356 B
502 B 104ms
104ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&technographics=1&callback=Krux.ns.globo.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bfb4feb441faee07723f127ae360dfc31ae153acd925397ef2143d2fe25108b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Mon, 03 Jan 2022 18:55:04 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a021-ash-prod.krxd.net, cache-hhn4069-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1641236105.592337,VS0,VE98
content-length: 275
x-cache-hits: 0, 0

GET
H3 200 /
www.facebook.com/tr/ Frame 4848 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=228148035774464&ev=ViewContent&cd[content_type]=product&cd[content_ids]=%5B%221443963264339834175%22%5D&cd[product_catalog_id]=289385879397894&cd[product_category]=0&cd[criteo_audience_3_0]=A3&cd[external_id]=87fff405-face-4048-ac89-2f6272ac0131&cd[application_id]=423936147658676

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 03 Jan 2022 18:55:04 GMT

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=mwMTiAlD65qpmA0IB5-Oq54AgnDXt56Q
dpm.demdex.net/ Frame 4E89
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=mwMTiAlD65qpmA0IB5-Oq54AgnDXt56Q

42 B
943 B

32ms
32ms

Image
image/gif

34.255.107.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=mwMTiAlD65qpmA0IB5-Oq54AgnDXt56Q

Protocol

HTTP/1.1

Server

34.255.107.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-107-204.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v026-0662b9b89.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VjUEgpipQZI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=mwMTiAlD65qpmA0IB5-Oq54AgnDXt56Q
date: Mon, 03 Jan 2022 18:55:03 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2650
content-length: 198
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 4E89
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay13R0ZNV2xldnRtNUE1eWlxZlg2NGtEOS1mbUcxTkFrUE8yUWNIZw
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
369 B

55ms
16ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:04 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 278806
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Criteo
crb.kargo.com/api/v1/dsync/ Frame 4E89 43 B
360 B 41ms
8ms Image
image/gif 3.121.106.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/Criteo?exid=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.106.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-106-122.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jan 2022 18:55:04 GMT
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Krk-Reject-Reason: consent
Content-Length: 43
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 4E89
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2933844562998605552

43 B
371 B

33ms
32ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2933844562998605552

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:03 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 17435112
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 Jan 2022 18:55:04 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4c5194e4-24a2-40c9-b6c2-a82a40011f24
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2933844562998605552
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 4E89 0
476 B 346ms
83ms Image
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-CZE8Ilevtm5A5yiqfX64kD9-fmEGvHkr3U_5rg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:04 GMT
Cache-Control: no-cache
X-TraceId: aebf295890e8fc3819304d4486c39863
Content-Length: 0

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 4E89 0
231 B 67ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-zfzfClevtm5A5yiqfX64kD9-fmFDZ26SJPPhBQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13888

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 4E89 0
239 B 36ms
9ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-NzlCzlevtm5A5yiqfX64kD9-fmHUQjfUx9h2oQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 4E89
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-tnhNBFevtm5A5yiqfX64kD9-fmEzRAfJMCh30g
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-tnhNBFevtm5A5yiqfX64kD9-fmEzRAfJMCh30g

43 B
448 B

32ms
32ms

Image
image/gif

34.240.183.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-tnhNBFevtm5A5yiqfX64kD9-fmEzRAfJMCh30g
Protocol: H2
Server: 34.240.183.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-183-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Jan 2022 18:55:04 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-tnhNBFevtm5A5yiqfX64kD9-fmEzRAfJMCh30g
date: Mon, 03 Jan 2022 18:55:04 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 4E89 0
444 B 76ms
21ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 4E89 0
479 B 52ms
12ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KgCTnlevtm5A5yiqfX64kD9-fmHACFdT-gXATw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame 4E89
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-xMaCXlevtm5A5yiqfX64kD9-fmGOc4XM0-vX_Q&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=k-xMaCXlevtm5A5yiqfX64kD9-fmGOc4XM0-vX_Q&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-xMaCXlevtm5A5yiqfX64kD9-fmGOc4XM0-vX_Q&_origin=1&apid=UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c

0
341 B

12ms
12ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-xMaCXlevtm5A5yiqfX64kD9-fmGOc4XM0-vX_Q&_origin=1&apid=UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-xMaCXlevtm5A5yiqfX64kD9-fmGOc4XM0-vX_Q&_origin=1&apid=UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c
date: Mon, 03 Jan 2022 18:55:04 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cksync.php
contextual.media.net/ Frame 4E89 45 B
781 B 128ms
100ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-yf-rjlevtm5A5yiqfX64kD9-fmEGD1Io1Uo0oQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 03 Jan 2022 18:55:04 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 03 Jan 2022 18:55:04 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 4E89 0
239 B 53ms
8ms Image
text/plain 2600:9000:211e:7800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-ZxuUAFevtm5A5yiqfX64kD9-fmE6hR-8rwEQhw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
via: 1.1 753f415578c1ca010e51a83aef192331.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: N81djXkx6Z0KKuZbuiddXcwOBqMl0ucEyYdsfhAYnj0Z14aCfYB89A==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 4E89
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-U6_KW1evtm5A5yiqfX64kD9-fmELydqvYVuYIA&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-U6_KW1evtm5A5yiqfX64kD9-fmELydqvYVuYIA&expires=30

43 B
495 B

11ms
10ms

Image
image/gif

18.197.84.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-U6_KW1evtm5A5yiqfX64kD9-fmELydqvYVuYIA&expires=30
Protocol: HTTP/1.1
Server: 18.197.84.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-84-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-U6_KW1evtm5A5yiqfX64kD9-fmELydqvYVuYIA&expires=30
Date: Mon, 03 Jan 2022 18:55:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 4E89 43 B
714 B 127ms
39ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10000569

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:04 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 03 Jan 2022 18:55:04 GMT

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 4E89 43 B
274 B 62ms
25ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-hALprlevtm5A5yiqfX64kD9-fmH7PAcmyd1O5g&c=us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:04 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 4E89
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5pJpd1evtm5A5yiqfX64kD9-fmGx909iPcF_Jg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5pJpd1evtm5A5yiqfX64kD9-fmGx909iPcF_Jg&C=1

43 B
1 KB

17ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5pJpd1evtm5A5yiqfX64kD9-fmGx909iPcF_Jg&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jan 2022 18:55:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 Jan 2022 18:55:04 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 Jan 2022 18:55:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5pJpd1evtm5A5yiqfX64kD9-fmGx909iPcF_Jg&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Mon, 03 Jan 2022 18:55:04 GMT

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame 4E89
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg&custom=&tag_format=img&tag_action=sync&custom=&cb=42841710-b069-415c-ab61-8d0ba0e...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=42841710-b069-415...

0
638 B

31ms
31ms

Image
text/plain

54.155.208.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=42841710-b069-415c-ab61-8d0ba0e4b653&final=true&reqid=a9b83970-6cc6-11ec-ba06-bf00fd17b9de&timestamp=2022-01-03T18%3A55%3A04.839Z
Protocol: HTTP/1.1
Server: 54.155.208.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-208-14.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:04 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.18.0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 03 Jan 2022 18:55:04 GMT
Server: nginx/1.18.0
Vary: Accept, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /?account_id=1043&partner_id=1048&uid=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=42841710-b069-415c-ab61-8d0ba0e4b653&final=true&reqid=a9b83970-6cc6-11ec-ba06-bf00fd17b9de&timestamp=2022-01-03T18%3A55%3A04.839Z
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 294
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

m
cm.mgid.com/ Frame 4E89
Redirect Chain

https://cm.mgid.com/m?cdsp=617660&c=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg
https://cm.mgid.com/m?c=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg&cdsp=617660&sct=1

43 B
500 B

178ms
167ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?c=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg&cdsp=617660&sct=1
Protocol: H3
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6c7e7077a8f62b95-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://cm.mgid.com/m?c=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg&cdsp=617660&sct=1
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6c7e7076ba0368e6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 4E89
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg

95 B
425 B

20ms
20ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg
date: Mon, 03 Jan 2022 18:55:04 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 t.gif
cw.addthis.com/ Frame 4E89 0
427 B 180ms
144ms Image
text/plain 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-wGFMWlevtm5A5yiqfX64kD9-fmG1NAkPO2QcHg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:04 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 03 Jan 2022 18:55:04 GMT

GET
H2 200 pixelCt.tpmn
ad.tpmn.co.kr/ Frame 4E89 170 B
600 B 307ms
265ms Image
image/png 34.102.166.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-ZpXhV1evtm5A5yiqfX64kD9-fmFr9eVna4jmbQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.166.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.166.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:04 GMT
content-encoding: gzip
vary: accept-encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
content-type: image/png;charset=utf-8
alt-svc: clear
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 4E89 42 B
678 B 57ms
15ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-kz_EU1evtm5A5yiqfX64kD9-fmGJBqWbEGZkKg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 15:53:59 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0021:0:347
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

xuid
eb2.3lift.com/ Frame 4E89
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-sUSW0levtm5A5yiqfX64kD9-fmFeWUnuf1Uaaw&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-sUSW0levtm5A5yiqfX64kD9-fmFeWUnuf1Uaaw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-sUSW0levtm5A5yiqfX64kD9-fmFeWUnuf1Uaaw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-sUSW0levtm5A5yiqfX64kD9-fmFeWUnuf1Uaaw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Mon, 03 Jan 2022 18:55:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H3 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/globo-play/ 570 B
469 B 372ms
325ms Fetch
application/json 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/globo-play/installations

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

879a7250b5d1762c396bcc37bfdeebf0b552b3f751c6755a8c9c0d2eebcc279b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://globoplay.globo.com/
x-goog-api-key: AIzaSyDG7rYcDhj2mMqURfs_IXgZXHFDE8Mpcwc
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json

Response headers

date: Mon, 03 Jan 2022 18:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://globoplay.globo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 446
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/globo-play/ Frame 0
0 146ms
46ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/globo-play/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://globoplay.globo.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key
access-control-max-age: 3600
date: Mon, 03 Jan 2022 18:55:04 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
Ok providers.json Show response
i2-hiiowgkgxiflgapmgoiiolydxhibgn.init.cedexis-radar.net/i2/1/23346/j1/20/123/1641236104/0/0/ 4 KB
1 KB 74ms
16ms XHR
application/json 104.225.98.129
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-hiiowgkgxiflgapmgoiiolydxhibgn.init.cedexis-radar.net/i2/1/23346/j1/20/123/1641236104/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.225.98.129 Amsterdam, Netherlands, ASN36236 (NETACTUATE, US),
Reverse DNS: 129.98.225.104.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: ed9d92b3e166f8b8a98d4fc391b07e69fd3f0e1dad3112e20c21276d0f17258d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:04 GMT
Content-Encoding: gzip
Server: nginx/1.10.3
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame 4E89
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=gWCxhunadoiLKDhxlBFCKJB63OLs2rEk

42 B
287 B

21ms
21ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=gWCxhunadoiLKDhxlBFCKJB63OLs2rEk
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Jan 2022 18:55:04 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=gWCxhunadoiLKDhxlBFCKJB63OLs2rEk
date: Mon, 03 Jan 2022 18:55:03 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2897
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame 4E89
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-IgfUqVevtm5A5yiqfX64kD9-fmFkE3HaHjROcA&_origin=1
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-IgfUqVevtm5A5yiqfX64kD9-fmFkE3HaHjROcA&_origin=1&apid=UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c

0
20 B

10ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-IgfUqVevtm5A5yiqfX64kD9-fmFkE3HaHjROcA&_origin=1&apid=UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-IgfUqVevtm5A5yiqfX64kD9-fmFkE3HaHjROcA&_origin=1&apid=UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c
date: Mon, 03 Jan 2022 18:55:04 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame 4E89
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-k_-YyFevtm5A5yiqfX64kD9-fmFz8iV1KQUM0g&_origin=1
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-k_-YyFevtm5A5yiqfX64kD9-fmFz8iV1KQUM0g&_origin=1&apid=UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c

0
20 B

12ms
12ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-k_-YyFevtm5A5yiqfX64kD9-fmFz8iV1KQUM0g&_origin=1&apid=UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-k_-YyFevtm5A5yiqfX64kD9-fmFz8iV1KQUM0g&_origin=1&apid=UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c
date: Mon, 03 Jan 2022 18:55:04 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
Ok 1641236095439 Show response
rpt.cedexis.com/n1/0/1641236091405/0/0/0/0/1641236091405/1641236091406/1641236092000/1641236092000/1641236092468/1641236092232/1641236092468/1641236093111/1641236093112/1641236093114/1641236095429/... 16 B
283 B 84ms
16ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/n1/0/1641236091405/0/0/0/0/1641236091405/1641236091406/1641236092000/1641236092000/1641236092468/1641236092232/1641236092468/1641236093111/1641236093112/1641236093114/1641236095429/1641236101054/1641236101054/1641236104554/1641236104554/1641236104601/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/1641236095439
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:04 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 4E89 43 B
1 KB 34ms
34ms Image
image/gif 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-KYqViFevtm5A5yiqfX64kD9-fmGYI_fZcj9CVw&seg=95287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jan 2022 18:55:04 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0f9378ae-0288-4211-9d3c-057e2775eb54
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 4E89 43 B
79 B 39ms
39ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:04 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 03 Jan 2022 18:55:04 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
336 B 27ms
27ms Image
text/plain 52.19.142.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=rrpdr7kps&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Globoplay%20APPs%20e%20TVs%20Conectadas&_kcp_d=globoplay.globo.com&_knifr=14&_kua_kx_tz=0&geo_country=de&geo_region=he&geo_dma=276003&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=he&_kua_kx_geo_dma=276003&_kua_kx_whistle=0&_kpa_meta_keywordsDELIM=%2C&_kpa_kx_context_terms=Nu7TXY_T%3A4%2CNu7TU1DK%3A2%2CNu7TWLJz%3A2%2CNu7TTsTR%3A1%2CNu7TUrCU%3A10%2CNu7TTFG6%3A6%2CNu7TXmVC%3A4&_kpa_url_path_1=malhacao-sonhos&_kpa_url_path_2=t&_kpa_url_path_3=gHnkmg7Xvm&_kpa_title=Assistir%20Malha%C3%A7%C3%A3o%20Sonhos%20online%20no%20Globoplay&_kpa_full_path=globoplay.globo.com%2Fmalhacao-sonhos%2Ft%2FgHnkmg7Xvm%2F&_kpa_subdomain=globoplay&_kpa_domain=globo&_kpa_browser_name=Chrome&t_navigation_type=0&t_dns=594&t_tcp=468&t_http_request=-1&t_http_response=1&t_content_ready=4024&t_window_load=13149&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w0j9j65ec&userdata_user=OlHxAoqC%2Cw0j9j65ec&sview=1&kplt0=19929&kplt1=19930&kplt2=19936&kplt3=30153&kplt4=32767&kplt5=32768&kplt6=41929&kplt7=43900&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C111%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C44%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.142.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=51 t=1641236104
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 t.gif
cw.addthis.com/ Frame 4E89 0
427 B 199ms
198ms Image
text/plain 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-NzlCzlevtm5A5yiqfX64kD9-fmHUQjfUx9h2oQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 18:55:05 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 03 Jan 2022 18:55:05 GMT

POST
H3 200 fireperf:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/globo-play/namespaces/ 1 KB
450 B 110ms
65ms Fetch
application/json 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/globo-play/namespaces/fireperf:fetch?key=AIzaSyDG7rYcDhj2mMqURfs_IXgZXHFDE8Mpcwc

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab539f25d2719153392d7113a7ee353130679b8e088813aa1b37a9f0ba288e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
Authorization: FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6ODQ2MTE1OTM1NTM3OndlYjpiMGZlMzI0ZWQxNGU4NDEwIiwiZXhwIjoxNjQxODQwOTA1LCJmaWQiOiJkQklZVUpGNFZlU3lhTk5KNFg3MDAxIiwicHJvamVjdE51bWJlciI6ODQ2MTE1OTM1NTM3fQ.AB2LPV8wRQIgAoUDYWxmwT8eRQI15auuJAJ50I8qKufnyN_-W_2y09cCIQCgpsQxnhOe-TO5xodNOPDDW0ZBOyNnKj6uxPlWlpOH1Q
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 03 Jan 2022 18:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
etag: etag-globo-play-fireperf-fetch-1271329008
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://globoplay.globo.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 426
x-xss-protection: 0

OPTIONS
H2 200 fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/globo-play/namespaces/ Frame 0
0 147ms
46ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/globo-play/namespaces/fireperf:fetch?key=AIzaSyDG7rYcDhj2mMqURfs_IXgZXHFDE8Mpcwc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://globoplay.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://globoplay.globo.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: authorization
access-control-max-age: 3600
date: Mon, 03 Jan 2022 18:55:05 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 r20.gif
p41683.cedexis-test.com/img/41683/ 43 B
365 B 79ms
15ms Image
image/gif 163.171.245.214
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p41683.cedexis-test.com/img/41683/r20.gif?rnd=1-1-23346-0-0-41683-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.245.214 , United States, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: QTL_Cache/1.2.09 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 17:44:39 GMT
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
server: QTL_Cache/1.2.09
age: 1213827
etag: "5b7c8475-2b"
x-cache-status: HIT
x-qtl-request-id: 34dee28c92cc9dcbfeb4d3e3bae4734e
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]

GET
H2 200 iuni4.html Show response
p41683.cedexis-test.com/img/41683/ Frame 5C6D 2 KB
1 KB 15ms
15ms Document
text/html 163.171.245.214
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://p41683.cedexis-test.com/img/41683/iuni4.html?rnd=-1-1-23346-0-0-41683-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/23346/radar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.245.214 , United States, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: QTL_Cache/1.2.09 /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/

Response headers

content-type: text/html
access-control-allow-origin: *
cache-control: max-age=2629743, public
date: Mon, 20 Dec 2021 17:44:39 GMT
etag: W/"5b7c8475-7db"
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
timing-allow-origin: *
content-encoding: gzip
x-cache-status: HIT
x-qtl-request-id: 46ae7aacd7bf3eecbcd4de7bf8617b96
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
age: 1213827
server: QTL_Cache/1.2.09

GET
H2 200 iuni4.html Show response
p41683.cedexis-test.com/img/41683/ Frame 5C6D 2 KB
1 KB 15ms
15ms XHR
text/html 163.171.245.214
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://p41683.cedexis-test.com/img/41683/iuni4.html?rnd=-1-1-23346-0-0-41683-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: p41683.cedexis-test.com
URL: https://p41683.cedexis-test.com/img/41683/iuni4.html?rnd=-1-1-23346-0-0-41683-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.245.214 , United States, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: QTL_Cache/1.2.09 /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p41683.cedexis-test.com/img/41683/iuni4.html?rnd=-1-1-23346-0-0-41683-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 17:44:39 GMT
content-encoding: gzip
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
server: QTL_Cache/1.2.09
age: 1213827
etag: W/"5b7c8475-7db"
x-cache-status: HIT
x-qtl-request-id: 82906e10949a25030b60117ff6080ffd
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=2629743, public
timing-allow-origin: *
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 50ms
17ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/41683/1,2/0/14/2.0%20eu-nl-ams1-cache-0001%20%5BHIT%5D/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:06 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
p41683.cedexis-test.com/img/41683/ 43 B
363 B 15ms
15ms Image
image/gif 163.171.245.214
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p41683.cedexis-test.com/img/41683/r20.gif?rnd=0-1-23346-0-0-41683-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.245.214 , United States, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: QTL_Cache/1.2.09 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 17:44:39 GMT
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
server: QTL_Cache/1.2.09
age: 1213827
etag: "5b7c8475-2b"
x-cache-status: HIT
x-qtl-request-id: 4654ec4886231aaeacace051cf494eee
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 49ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/41683/0,2/0/14/2.0%20eu-nl-ams1-cache-0001%20%5BHIT%5D/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:06 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20-100KB.png
p41683.cedexis-test.com/img/41683/ 100 KB
100 KB 16ms
16ms Image
image/png 163.171.245.214
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p41683.cedexis-test.com/img/41683/r20-100KB.png?rnd=14-1-23346-0-0-41683-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.245.214 , United States, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: QTL_Cache/1.2.09 /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 17:44:40 GMT
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
server: QTL_Cache/1.2.09
age: 1213826
etag: "5b7c8475-19000"
x-cache-status: HIT
x-qtl-request-id: 1d2d2e3065eb48eb74f47a399be5dde3
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 102400
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 15ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/41683/14,2/0/23255/2.0%20eu-nl-ams1-cache-0001%20%5BHIT%5D/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:06 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
limelight-ssl.cedexis-test.com/img/17003/ 43 B
297 B 76ms
19ms Image
image/gif 68.142.70.14
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://limelight-ssl.cedexis-test.com/img/17003/r20.gif?rnd=1-1-23346-0-0-17003-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.142.70.14 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-68-142-70-14.any.llnw.net
Software: EdgePrism/4.9.4.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-llnw-info: na
date: Mon, 03 Jan 2022 18:55:06 GMT
server: EdgePrism/4.9.4.0
mime-version: 1.0
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2629743, public
timing-allow-origin: *
content-length: 43
x-llid: 62ab8abba819c6f5a611b3f14531ab9c

GET
H2 200 iuni4.html Show response
limelight-ssl.cedexis-test.com/img/17003/ Frame 3680 2 KB
2 KB 19ms
19ms Document
text/html 68.142.70.14
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://limelight-ssl.cedexis-test.com/img/17003/iuni4.html?rnd=-1-1-23346-0-0-17003-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/23346/radar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.142.70.14 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-68-142-70-14.any.llnw.net
Software: EdgePrism/4.9.4.0 /
Resource Hash: 849dca988ce512924bd189131af8ed51c1ad0c742697ac86c3d2bef86253b110

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/

Response headers

date: Mon, 03 Jan 2022 18:55:06 GMT
content-type: text/html
content-length: 2004
server: EdgePrism/4.9.4.0
mime-version: 1.0
x-llid: e2d9c60a31d4819296f72d17eeff4629
x-llnw-info: na
timing-allow-origin: *
access-control-allow-origin: *
cache-control: max-age=2629743, public
access-control-allow-methods: GET,HEAD,OPTIONS

GET
H2 200 iuni4.html Show response
limelight-ssl.cedexis-test.com/img/17003/ Frame 3680 2 KB
2 KB 19ms
19ms XHR
text/html 68.142.70.14
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://limelight-ssl.cedexis-test.com/img/17003/iuni4.html?rnd=-1-1-23346-0-0-17003-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: limelight-ssl.cedexis-test.com
URL: https://limelight-ssl.cedexis-test.com/img/17003/iuni4.html?rnd=-1-1-23346-0-0-17003-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.142.70.14 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-68-142-70-14.any.llnw.net
Software: EdgePrism/4.9.4.0 /
Resource Hash: 849dca988ce512924bd189131af8ed51c1ad0c742697ac86c3d2bef86253b110

Request headers

Referer: https://limelight-ssl.cedexis-test.com/img/17003/iuni4.html?rnd=-1-1-23346-0-0-17003-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-LDebug: 1

Response headers

x-llnw-info: na
date: Mon, 03 Jan 2022 18:55:06 GMT
server: EdgePrism/4.9.4.0
mime-version: 1.0
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=2629743, public
x-cache: HIT from sw.cds224.lin.llnw.net
timing-allow-origin: *
content-length: 2004
x-llid: 2dd03343fb8a98d993c8211ad72d75f6

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 16ms
16ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/17003/1,2/0/19/x-llnw-info%3Ana%40x-cache%3AHIT%20from%20sw.cds224.lin.llnw.net/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:06 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
limelight-ssl.cedexis-test.com/img/17003/ 43 B
296 B 20ms
20ms Image
image/gif 68.142.70.14
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://limelight-ssl.cedexis-test.com/img/17003/r20.gif?rnd=0-1-23346-0-0-17003-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.142.70.14 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-68-142-70-14.any.llnw.net
Software: EdgePrism/4.9.4.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-llnw-info: na
date: Mon, 03 Jan 2022 18:55:06 GMT
server: EdgePrism/4.9.4.0
mime-version: 1.0
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2629743, public
timing-allow-origin: *
content-length: 43
x-llid: 3f9b141e147fe5f218d72f043d306f03

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 16ms
16ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/17003/0,2/0/19/x-llnw-info%3Ana%40x-cache%3AHIT%20from%20sw.cds224.lin.llnw.net/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20-100KB.png
limelight-ssl.cedexis-test.com/img/17003/ 100 KB
100 KB 21ms
20ms Image
image/png 68.142.70.14
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://limelight-ssl.cedexis-test.com/img/17003/r20-100KB.png?rnd=14-1-23346-0-0-17003-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.142.70.14 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-68-142-70-14.any.llnw.net
Software: EdgePrism/4.9.4.0 /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-llnw-info: na
date: Mon, 03 Jan 2022 18:55:07 GMT
server: EdgePrism/4.9.4.0
mime-version: 1.0
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2629743, public
timing-allow-origin: *
content-length: 102400
x-llid: 1106ee856ae11a6422612a31014a1b58

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 16ms
16ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/17003/14,2/0/18264/x-llnw-info%3Ana%40x-cache%3AHIT%20from%20sw.cds224.lin.llnw.net/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p29.cedexis-test.com/img/ 43 B
577 B 38ms
7ms Image
image/gif 2600:9000:214f:4a00:1b:9b5:7e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p29.cedexis-test.com/img/r20.gif?rnd=1-1-23346-0-0-29-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4a00:1b:9b5:7e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 09:30:06 GMT
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
Age: 120301
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
ETag: "5b7c8475-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 4bl5rz2xEwT8ZG4JCO76O8h-B6CXn263P8Z24FUwNc6zU2RIFYhrow==

GET
H/1.1 200
OK iuni4.html Show response
p29.cedexis-test.com/img/29/ Frame C199 2 KB
2 KB 8ms
7ms Document
text/html 2600:9000:214f:4a00:1b:9b5:7e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p29.cedexis-test.com/img/29/iuni4.html?rnd=-1-1-23346-0-0-29-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/23346/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4a00:1b:9b5:7e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/

Response headers

Content-Type: text/html
Content-Length: 2011
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Date: Tue, 07 Dec 2021 01:16:03 GMT
ETag: "5b7c8475-7db"
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
Timing-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: LwhisZV61rF872PoxO_I1uN9bGYp2LX-6bntobvQhdmICk7b_2MjRA==
Age: 2396344

GET
H/1.1 200
OK iuni4.html Show response
p29.cedexis-test.com/img/29/ Frame C199 2 KB
2 KB 9ms
9ms XHR
text/html 2600:9000:214f:4a00:1b:9b5:7e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p29.cedexis-test.com/img/29/iuni4.html?rnd=-1-1-23346-0-0-29-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: p29.cedexis-test.com
URL: https://p29.cedexis-test.com/img/29/iuni4.html?rnd=-1-1-23346-0-0-29-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4a00:1b:9b5:7e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p29.cedexis-test.com/img/29/iuni4.html?rnd=-1-1-23346-0-0-29-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:16:03 GMT
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
Age: 2396344
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2011
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
ETag: "5b7c8475-7db"
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: hK08_6DXcuncjmLa1T8G3SOhKfrvdbiWa5AD7lNBWjNAjEvnHtwv4A==

GET
H/1.1 200
Ok 343 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 15ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/29/1,2/0/7/x-amz-cf-pop%3AFRA53-C1%40x-amz-cf-id%3AhK08_6DXcuncjmLa1T8G3SOhKfrvdbiWa5AD7lNBWjNAjEvnHtwv4A%3D%3D%40via%3A1.1%2089cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net%20(CloudFront)/0/15648/0/0/0/0/13/13/19/30/31/38/38/38/343
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p29.cedexis-test.com/img/ 43 B
577 B 7ms
7ms Image
image/gif 2600:9000:214f:4a00:1b:9b5:7e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p29.cedexis-test.com/img/r20.gif?rnd=0-1-23346-0-0-29-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4a00:1b:9b5:7e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 09:30:06 GMT
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
Age: 120301
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
ETag: "5b7c8475-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: BnkiYNcuo6k4iw_LJ2nOi0PIgGVy203ovftsNckBkayrypE2usZz3w==

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/29/0,2/0/7/x-amz-cf-pop%3AFRA53-C1%40x-amz-cf-id%3AhK08_6DXcuncjmLa1T8G3SOhKfrvdbiWa5AD7lNBWjNAjEvnHtwv4A%3D%3D%40via%3A1.1%2089cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net%20(CloudFront)/0/15722/0/0/0/0/0/0/0/0/0/7/8/8/343
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20-100KB.png
p29.cedexis-test.com/img/ 100 KB
101 KB 11ms
11ms Image
image/png 2600:9000:214f:4a00:1b:9b5:7e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p29.cedexis-test.com/img/r20-100KB.png?rnd=14-1-23346-0-0-29-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4a00:1b:9b5:7e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 23:38:07 GMT
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
Age: 242220
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 102400
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
ETag: "5b7c8475-19000"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 5xYX68639n4l9wQvxromBVT_omQf7tJsGpFlLgXf0bkAlU_SrTa9WA==

GET
H/1.1 200
Ok 102700 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 17ms
17ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/29/14,2/0/30888/x-amz-cf-pop%3AFRA53-C1%40x-amz-cf-id%3AhK08_6DXcuncjmLa1T8G3SOhKfrvdbiWa5AD7lNBWjNAjEvnHtwv4A%3D%3D%40via%3A1.1%2089cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net%20(CloudFront)/0/15731/0/0/0/0/0/0/0/0/0/11/26/26/102700
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
cdnetworks.cedexis-test.com/img/17653/ 43 B
537 B 108ms
8ms Image
image/gif 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnetworks.cedexis-test.com/img/17653/r20.gif?rnd=1-1-23346-0-0-17653-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Via: 1.1 PSdgflkfFRA1bc200:4 (W), 1.1 PSdgflkfFRA1dm92:15 (W)
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Server: PWS/8.3.1.0.8
Age: 45207
ETag: "5b7c8474-2b"
X-Ws-Request-Id: 61d3468b_PSdgflkfFRA1bc95_41523-53302
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Px: ht PSdgflkfFRA1dm92FRA
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
OK iuni4.html Show response
cdnetworks.cedexis-test.com/img/17653/ Frame D950 2 KB
2 KB 8ms
8ms Document
text/html 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnetworks.cedexis-test.com/img/17653/iuni4.html?rnd=-1-1-23346-0-0-17653-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/23346/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Content-Type: text/html
Content-Length: 2011
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
ETag: "5b7c8474-7db"
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Server: PWS/8.3.1.0.8
Timing-Allow-Origin: *
Age: 54624
Via: 1.1 PSdgflkfFRA1bc200:12 (W), 1.1 PSdgflkfFRA1vg90:1 (W)
X-Px: ht PSdgflkfFRA1vg90FRA
X-Ws-Request-Id: 61d3468b_PSdgflkfFRA1bc95_41523-53305

GET
H/1.1 200
OK iuni4.html Show response
cdnetworks.cedexis-test.com/img/17653/ Frame D950 2 KB
2 KB 8ms
8ms XHR
text/html 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnetworks.cedexis-test.com/img/17653/iuni4.html?rnd=-1-1-23346-0-0-17653-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: cdnetworks.cedexis-test.com
URL: https://cdnetworks.cedexis-test.com/img/17653/iuni4.html?rnd=-1-1-23346-0-0-17653-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdnetworks.cedexis-test.com/img/17653/iuni4.html?rnd=-1-1-23346-0-0-17653-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Via: 1.1 PSdgflkfFRA1bc200:12 (W), 1.1 PSdgflkfFRA1vg90:1 (W)
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Server: PWS/8.3.1.0.8
Age: 54624
ETag: "5b7c8474-7db"
X-Ws-Request-Id: 61d3468b_PSdgflkfFRA1bc95_41523-53307
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Px: ht PSdgflkfFRA1vg90FRA
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2011

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 15ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/17653/1,2/0/7/ht%20PSdgflkfFRA1vg90FRA/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
cdnetworks.cedexis-test.com/img/17653/ 43 B
537 B 8ms
8ms Image
image/gif 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnetworks.cedexis-test.com/img/17653/r20.gif?rnd=0-1-23346-0-0-17653-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Via: 1.1 PSdgflkfFRA1bc200:4 (W), 1.1 PSdgflkfFRA1dm92:15 (W)
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Server: PWS/8.3.1.0.8
Age: 45207
ETag: "5b7c8474-2b"
X-Ws-Request-Id: 61d3468b_PSdgflkfFRA1bc95_41523-53308
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Px: ht PSdgflkfFRA1dm92FRA
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 17ms
16ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/17653/0,2/0/7/ht%20PSdgflkfFRA1vg90FRA/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20-100KB.png
cdnetworks.cedexis-test.com/img/17653/ 100 KB
100 KB 9ms
8ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnetworks.cedexis-test.com/img/17653/r20-100KB.png?rnd=14-1-23346-0-0-17653-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Via: 1.1 kf230:14 (W), 1.1 PSdgflkfFRA1vg90:12 (W)
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: PWS/8.3.1.0.8
Age: 51321
ETag: "5b7c8475-19000"
X-Ws-Request-Id: 61d3468b_PSdgflkfFRA1bc95_41523-53309
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Px: ht PSdgflkfFRA1vg90FRA
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 102400

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 29ms
29ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/17653/14,2/0/46242/ht%20PSdgflkfFRA1vg90FRA/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
benchmark.1e100cdn.net/ 43 B
306 B 62ms
15ms Image
image/gif 35.190.26.57
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benchmark.1e100cdn.net/r20.gif?rnd=1-1-23346-0-0-32430-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.26.57 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 57.26.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 18:44:02 GMT
via: 1.1 google
age: 1037465
etag: "5939ad35-2b"
content-type: image/gif
cache-control: public,max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 15ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/32430/1,2/0/14/0/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H3 200 r20.gif
benchmark.1e100cdn.net/ 43 B
60 B 32ms
16ms Image
image/gif 35.190.26.57
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benchmark.1e100cdn.net/r20.gif?rnd=0-1-23346-0-0-32430-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.26.57 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 57.26.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 18:44:02 GMT
via: 1.1 google
age: 1037465
etag: "5939ad35-2b"
content-type: image/gif
cache-control: public,max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 15ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/32430/0,2/0/15/0/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p33246.cedexis-test.com/img/ 43 B
296 B 56ms
7ms Image
image/gif 52.29.156.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p33246.cedexis-test.com/img/r20.gif?rnd=1-1-23346-0-0-33246-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.29.156.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-167.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Last-Modified: Fri, 11 Jun 2021 09:05:32 GMT
Server: nginx
ETag: "60c3275c-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 15ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/33246/1,2/0/6/0/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p33246.cedexis-test.com/img/ 43 B
296 B 7ms
7ms Image
image/gif 52.29.156.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p33246.cedexis-test.com/img/r20.gif?rnd=0-1-23346-0-0-33246-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.29.156.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-167.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Last-Modified: Fri, 11 Jun 2021 09:05:32 GMT
Server: nginx
ETag: "60c3275c-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 15ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/33246/0,2/0/6/0/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
cedexis-test.akamaized.net/img/ 43 B
297 B 39ms
8ms Image
image/gif 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cedexis-test.akamaized.net/img/r20.gif?rnd=1-1-23346-0-0-34249-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:07 GMT
last-modified: Tue, 21 Aug 2018 21:30:28 GMT
server: nginx
etag: "5b7c8474-2b"
x-cache: RequestInfo=1981449447,2a02:26f0:6c00::210:ba0b,13249d6b,1641236107,31712,5
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2629743
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 03 Feb 2022 05:24:10 GMT

POST
H/1.1 200
OK FXL-111-1159 Show response
api.fixelapp.com/api/v2/grade/ 59 B
358 B 114ms
114ms XHR
application/json 52.72.241.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fixelapp.com/api/v2/grade/FXL-111-1159
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.241.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-241-250.compute-1.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: fbd6017683e5e98f08bfd009f39340d0de149de152dcd3f31a9e1f396d658212

Request headers

Referer: https://globoplay.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.18.0
X-Powered-By: Express
ETag: W/"3b-MHOysIYepHURITDETSm+FLu2xvA"
Access-Control-Allow-Methods: *
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 59

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 15ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/34249/1,2/0/8/0/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
cedexis-test.akamaized.net/img/ 43 B
297 B 7ms
7ms Image
image/gif 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cedexis-test.akamaized.net/img/r20.gif?rnd=0-1-23346-0-0-34249-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:07 GMT
last-modified: Tue, 21 Aug 2018 21:30:28 GMT
server: nginx
etag: "5b7c8474-2b"
x-cache: RequestInfo=1981449447,2a02:26f0:6c00::210:ba0b,13249d7e,1641236107,31712,5
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2629743
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 03 Feb 2022 05:24:10 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 15ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/34249/0,2/0/6/0/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
fastly.cedexis-test.com/img/20367/ 43 B
671 B 30ms
6ms Image
image/gif 151.101.192.65
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.cedexis-test.com/img/20367/r20.gif?rnd=1-1-23346-0-0-20367-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.65 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1008156
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 43
X-Served-By: cache-dfw18669-DFW, cache-hhn4050-HHN
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Server: nginx
X-Timer: S1641236108.576822,VS0,VE0
ETag: "5b7c8474-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Cedexis-UNI: HHN|{"pop":"HHN","sip":"151.101.192.65","ip_ver":"v4","info_state":"HIT","server_name":"cache-hhn4050"}
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 387594, 364363

GET
H/1.1 200
OK iuni4.html Show response
fastly.cedexis-test.com/img/20367/ Frame 41D9 2 KB
3 KB 7ms
6ms Document
text/html 151.101.192.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fastly.cedexis-test.com/img/20367/iuni4.html?rnd=-1-1-23346-0-0-20367-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/23346/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.65 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/

Response headers

Connection: keep-alive
Content-Length: 2011
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Content-Type: text/html
ETag: "5b7c8474-7db"
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Server: nginx
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 03 Jan 2022 18:55:07 GMT
Age: 573630
X-Served-By: cache-dfw18622-DFW, cache-hhn4050-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 191553
X-Timer: S1641236108.587120,VS0,VE0
X-Cedexis-UNI: HHN|{"pop":"HHN","sip":"151.101.192.65","ip_ver":"v4","info_state":"HIT","server_name":"cache-hhn4050"}

GET
H/1.1 200
OK iuni4.html Show response
fastly.cedexis-test.com/img/20367/ Frame 41D9 2 KB
3 KB 11ms
11ms XHR
text/html 151.101.192.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fastly.cedexis-test.com/img/20367/iuni4.html?rnd=-1-1-23346-0-0-20367-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: fastly.cedexis-test.com
URL: https://fastly.cedexis-test.com/img/20367/iuni4.html?rnd=-1-1-23346-0-0-20367-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.65 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fastly.cedexis-test.com/img/20367/iuni4.html?rnd=-1-1-23346-0-0-20367-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 573630
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2011
X-Served-By: cache-dfw18622-DFW, cache-hhn4050-HHN
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Server: nginx
X-Timer: S1641236108.610325,VS0,VE0
ETag: "5b7c8474-7db"
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Cedexis-UNI: HHN|{"pop":"HHN","sip":"151.101.192.65","ip_ver":"v4","info_state":"HIT","server_name":"cache-hhn4050"}
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 191554

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/20367/1,2/0/6/HHN%7C%7B%22pop%22%3A%22HHN%22%2C%22sip%22%3A%22151.101.192.65%22%2C%22ip_ver%22%3A%22v4%22%2C%22info_state%22%3A%22HIT%22%2C%22server_name%22%3A%22cache-hhn4050%22%7D/0/16144/0/0/0/0/7/7/13/23/23/29/30/30/343
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
fastly.cedexis-test.com/img/20367/ 43 B
671 B 6ms
6ms Image
image/gif 151.101.192.65
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.cedexis-test.com/img/20367/r20.gif?rnd=0-1-23346-0-0-20367-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.65 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1008156
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 43
X-Served-By: cache-dfw18669-DFW, cache-hhn4050-HHN
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Server: nginx
X-Timer: S1641236108.619698,VS0,VE0
ETag: "5b7c8474-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Cedexis-UNI: HHN|{"pop":"HHN","sip":"151.101.192.65","ip_ver":"v4","info_state":"HIT","server_name":"cache-hhn4050"}
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 387594, 364364

GET
H/1.1 200
Ok 343 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 20ms
20ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/20367/0,2/0/6/HHN%7C%7B%22pop%22%3A%22HHN%22%2C%22sip%22%3A%22151.101.192.65%22%2C%22ip_ver%22%3A%22v4%22%2C%22info_state%22%3A%22HIT%22%2C%22server_name%22%3A%22cache-hhn4050%22%7D/0/16210/0/0/0/0/0/0/0/0/0/6/7/7/343
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p34247.cedexis-test.com/img/34247/ 43 B
482 B 76ms
8ms Image
image/gif 2.16.187.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p34247.cedexis-test.com/img/34247/r20.gif?rnd=1-1-23346-0-0-34247-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.187.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-187-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Server: nginx
ETag: "5b7c8474-2b"
X-Cache: RequestInfo=973569835,2.16.187.140,2713d0cf,1641236107,31715,13
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2629743
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43
Expires: Thu, 03 Feb 2022 05:24:10 GMT

GET
H/1.1 200
OK iuni4.html Show response
p34247.cedexis-test.com/img/ Frame 74B2 2 KB
1 KB 7ms
7ms Document
text/html 2.16.187.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p34247.cedexis-test.com/img/iuni4.html?rnd=-1-1-23346-0-0-34247-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/23346/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.187.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-187-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Type: text/html
ETag: "5b7c8475-7db"
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
Timing-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 951
Cache-Control: public, max-age=2629743
Expires: Thu, 03 Feb 2022 05:24:10 GMT
Date: Mon, 03 Jan 2022 18:55:07 GMT
Connection: keep-alive
Vary: Accept-Encoding
X-Cache: RequestInfo=973569835,2.16.187.140,2713d0e2,1641236107,31715,10

GET
H/1.1 200
OK iuni4.html Show response
p34247.cedexis-test.com/img/ Frame 74B2 2 KB
1 KB 7ms
7ms XHR
text/html 2.16.187.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p34247.cedexis-test.com/img/iuni4.html?rnd=-1-1-23346-0-0-34247-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: p34247.cedexis-test.com
URL: https://p34247.cedexis-test.com/img/iuni4.html?rnd=-1-1-23346-0-0-34247-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.187.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-187-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p34247.cedexis-test.com/img/iuni4.html?rnd=-1-1-23346-0-0-34247-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
ETag: "5b7c8475-7db"
Vary: Accept-Encoding
X-Cache: RequestInfo=973569835,2.16.187.140,2713d0f6,1641236107,31715,9
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2629743
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 951
Expires: Thu, 03 Feb 2022 05:24:10 GMT

GET
H/1.1 200
Ok 343 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 16ms
16ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/34247/1,2/0/8/RequestInfo%3D973569835%2C2.16.187.140%2C2713d0f6%2C1641236107%2C31715%2C9/0/16219/0/0/0/0/42/42/56/67/67/75/76/76/343
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p34247.cedexis-test.com/img/34247/ 43 B
481 B 7ms
7ms Image
image/gif 2.16.187.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p34247.cedexis-test.com/img/34247/r20.gif?rnd=0-1-23346-0-0-34247-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.187.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-187-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Server: nginx
ETag: "5b7c8474-2b"
X-Cache: RequestInfo=973569835,2.16.187.140,2713d118,1641236107,31715,9
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2629743
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43
Expires: Thu, 03 Feb 2022 05:24:10 GMT

GET
H/1.1 200
Ok 343 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 16ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/34247/0,2/0/6/RequestInfo%3D973569835%2C2.16.187.140%2C2713d0f6%2C1641236107%2C31715%2C9/0/16326/0/0/0/0/0/0/0/0/0/6/7/7/343
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
hwcdnssl.cedexis-test.com/img/ 43 B
399 B 69ms
15ms Image
image/gif 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hwcdnssl.cedexis-test.com/img/r20.gif?rnd=1-1-23346-0-0-17000-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
ETag: "1534887029"
X-HW: 1641236107.dop007.am5.t,1641236107.cds215.am5.shn,1641236107.cds215.am5.c
Content-Type: image/gif
Cache-Control: public, max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
OK iuni4.html Show response
hwcdnssl.cedexis-test.com/img/17000/ Frame E4F8 2 KB
2 KB 15ms
15ms Document
text/html 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hwcdnssl.cedexis-test.com/img/17000/iuni4.html?rnd=-1-1-23346-0-0-17000-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/23346/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Connection: Keep-Alive
ETag: "1534887029"
Cache-Control: public, max-age=86400
Content-Length: 2011
Content-Type: text/html
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-HW: 1641236107.dop007.am5.t,1641236107.cds215.am5.shn,1641236107.cds215.am5.c

GET
H/1.1 200
OK iuni4.html Show response
hwcdnssl.cedexis-test.com/img/17000/ Frame E4F8 2 KB
2 KB 16ms
16ms XHR
text/html 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hwcdnssl.cedexis-test.com/img/17000/iuni4.html?rnd=-1-1-23346-0-0-17000-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: hwcdnssl.cedexis-test.com
URL: https://hwcdnssl.cedexis-test.com/img/17000/iuni4.html?rnd=-1-1-23346-0-0-17000-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hwcdnssl.cedexis-test.com/img/17000/iuni4.html?rnd=-1-1-23346-0-0-17000-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
ETag: "1534887029"
X-HW: 1641236107.dop007.am5.t,1641236107.cds215.am5.shn,1641236107.cds215.am5.c
Content-Type: text/html
Cache-Control: public, max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2011

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 21ms
21ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/17000/1,2/0/14/1641236107.dop007.am5.t%2C1641236107.cds215.am5.shn%2C1641236107.cds215.am5.c/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
hwcdnssl.cedexis-test.com/img/ 43 B
399 B 20ms
20ms Image
image/gif 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hwcdnssl.cedexis-test.com/img/r20.gif?rnd=0-1-23346-0-0-17000-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
ETag: "1534887029"
X-HW: 1641236107.dop007.am5.t,1641236107.cds215.am5.shn,1641236107.cds215.am5.c
Content-Type: image/gif
Cache-Control: public, max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 22ms
22ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/17000/0,2/0/19/1641236107.dop007.am5.t%2C1641236107.cds215.am5.shn%2C1641236107.cds215.am5.c/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
incapsula-cdn.cedexis-test.com/img/ 43 B
500 B 257ms
16ms Image
image/gif 107.154.192.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://incapsula-cdn.cedexis-test.com/img/r20.gif?rnd=1-1-23346-0-0-32481-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.225 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.192.225.ip.incapdns.net
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:07 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Etag: "5b7c8474-2b"
Content-Type: image/gif
X-Iinfo: 14-67073594-0 0CNN RT(1641236107976 16) q(0 -1 -1 0) r(0 -1)
Cache-Control: max-age=31449600, public
Timing-Allow-Origin: *
Content-Length: 43
Expires: Mon, 02 Jan 2023 18:55:07 GMT

GET
H/1.1 200
OK iuni4.html Show response
incapsula-cdn.cedexis-test.com/img/32481/ Frame 17FB 2 KB
1 KB 28ms
27ms Document
text/html 107.154.192.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://incapsula-cdn.cedexis-test.com/img/32481/iuni4.html?rnd=-1-1-23346-0-0-32481-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/23346/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.225 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.192.225.ip.incapdns.net
Software: /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/

Response headers

Etag: "5b7c8475-7db"
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Content-Type: text/html
Content-Length: 951
Content-Encoding: gzip
Timing-Allow-Origin: *
Cache-Control: max-age=31449600, public
Expires: Mon, 02 Jan 2023 18:55:08 GMT
Date: Mon, 03 Jan 2022 18:55:08 GMT
X-Iinfo: 14-67073594-0 0CNN RT(1641236107976 47) q(0 -1 -1 0) r(0 -1)

GET
H/1.1 200
OK iuni4.html Show response
incapsula-cdn.cedexis-test.com/img/32481/ Frame 17FB 2 KB
1 KB 15ms
15ms XHR
text/html 107.154.192.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://incapsula-cdn.cedexis-test.com/img/32481/iuni4.html?rnd=-1-1-23346-0-0-32481-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: incapsula-cdn.cedexis-test.com
URL: https://incapsula-cdn.cedexis-test.com/img/32481/iuni4.html?rnd=-1-1-23346-0-0-32481-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.225 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.192.225.ip.incapdns.net
Software: /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://incapsula-cdn.cedexis-test.com/img/32481/iuni4.html?rnd=-1-1-23346-0-0-32481-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Etag: "5b7c8475-7db"
Content-Type: text/html
X-Iinfo: 14-67073594-0 0CNN RT(1641236107976 75) q(0 -1 -1 1) r(0 -1)
Cache-Control: max-age=31449600, public
Timing-Allow-Origin: *
Content-Length: 951
Expires: Mon, 02 Jan 2023 18:55:08 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 15ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/32481/1,2/0/15/14-67073594-0%200CNN%20RT(1641236107976%2075)%20q(0%20-1%20-1%201)%20r(0%20-1)/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:08 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
incapsula-cdn.cedexis-test.com/img/ 43 B
501 B 17ms
17ms Image
image/gif 107.154.192.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://incapsula-cdn.cedexis-test.com/img/r20.gif?rnd=0-1-23346-0-0-32481-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.225 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.192.225.ip.incapdns.net
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:08 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Etag: "5b7c8474-2b"
Content-Type: image/gif
X-Iinfo: 14-67073594-0 0CNN RT(1641236107976 95) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=31449600, public
Timing-Allow-Origin: *
Content-Length: 43
Expires: Mon, 02 Jan 2023 18:55:08 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 15ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/32481/0,2/0/16/14-67073594-0%200CNN%20RT(1641236107976%2075)%20q(0%20-1%20-1%201)%20r(0%20-1)/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:08 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
vdms-ssl.cedexis-test.com/img/16999/ 43 B
248 B 50ms
9ms Image
image/gif 192.229.220.19
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vdms-ssl.cedexis-test.com/img/16999/r20.gif?rnd=1-1-23346-0-0-16999-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.19 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E93) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:08 GMT
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
server: ECAcc (frc/8E93)
age: 26510
etag: "5b7c8475-2b"
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Server
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

GET
H2 200 iuni4.html Show response
vdms-ssl.cedexis-test.com/img/16999/ Frame 9F79 2 KB
1 KB 9ms
9ms Document
text/html 192.229.220.19
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://vdms-ssl.cedexis-test.com/img/16999/iuni4.html?rnd=-1-1-23346-0-0-16999-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/23346/radar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.19 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E85) /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/

Response headers

content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: Server
age: 473746
cache-control: max-age=2629743, public
content-type: text/html
date: Mon, 03 Jan 2022 18:55:08 GMT
etag: "5b7c8475-7db+gzip"
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
server: ECAcc (frc/8E85)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
content-length: 951

GET
H2 200 iuni4.html Show response
vdms-ssl.cedexis-test.com/img/16999/ Frame 9F79 2 KB
1014 B 8ms
7ms XHR
text/html 192.229.220.19
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://vdms-ssl.cedexis-test.com/img/16999/iuni4.html?rnd=-1-1-23346-0-0-16999-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Requested by: Host: vdms-ssl.cedexis-test.com
URL: https://vdms-ssl.cedexis-test.com/img/16999/iuni4.html?rnd=-1-1-23346-0-0-16999-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.19 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E85) /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vdms-ssl.cedexis-test.com/img/16999/iuni4.html?rnd=-1-1-23346-0-0-16999-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:08 GMT
content-encoding: gzip
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
server: ECAcc (frc/8E85)
age: 473746
etag: "5b7c8475-7db+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Server
cache-control: max-age=2629743, public
timing-allow-origin: *
content-length: 951

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/16999/1,2/0/9/ECAcc%20(frc%2F8E85)/0/16812/0/0/0/0/20/20/26/40/40/50/50/50/343
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:08 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
vdms-ssl.cedexis-test.com/img/16999/ 43 B
98 B 7ms
7ms Image
image/gif 192.229.220.19
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vdms-ssl.cedexis-test.com/img/16999/r20.gif?rnd=0-1-23346-0-0-16999-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.19 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E93) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:55:08 GMT
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
server: ECAcc (frc/8E93)
age: 26510
etag: "5b7c8475-2b"
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Server
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/0/0/16999/0,2/0/7/ECAcc%20(frc%2F8E85)/0/16896/0/0/0/0/0/0/0/0/0/7/8/8/343
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:08 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
live.video.globo.com/cdxs/ 43 B
397 B 1224ms
450ms Image
image/gif 186.192.80.13

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.video.globo.com/cdxs/r20.gif?rnd=1-1-23346-1-23346-35401-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.80.13 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:09 GMT
Last-Modified: Thu, 26 Nov 2020 12:20:47 GMT
Server: openresty
ETag: "5fbf9d9f-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43
Expires: Mon, 03 Jan 2022 18:55:08 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 49ms
16ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/1/23346/35401/1,2/0/449/0/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:09 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
live.video.globo.com/cdxs/ 43 B
397 B 225ms
225ms Image
image/gif 186.192.80.13

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.video.globo.com/cdxs/r20.gif?rnd=0-1-23346-1-23346-35401-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.80.13 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:09 GMT
Last-Modified: Thu, 26 Nov 2020 12:20:47 GMT
Server: openresty
ETag: "5fbf9d9f-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43
Expires: Mon, 03 Jan 2022 18:55:08 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYA... 16 B
283 B 19ms
18ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA/1/23346/35401/0,2/0/225/0/0
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_2caf29d99e86401197555831070efae8/secure/app-vendor-bundle-450de87.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:09 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20-100KB.png
live.video.globo.com/cdxs/ 32 KB
0 451ms
450ms Image
image/png 186.192.80.13

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.video.globo.com/cdxs/r20-100KB.png?rnd=14-1-23346-1-23346-35401-2331443547-_CgJqMRAUGHsiBggBELK2ASjbgtzXCDCIjc2OBjiIjc2OBkCs-5cuSg8IAxA1GMF2IAAo84OAoARQhZLAAVoQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggEQCAMQNRi3swIgACjzg4CgBIgBuavvhAuQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.80.13 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://globoplay.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 18:55:09 GMT
Last-Modified: Thu, 26 Nov 2020 12:20:47 GMT
Server: openresty
ETag: "5fbf9d9f-19000"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 102400
Expires: Mon, 03 Jan 2022 18:55:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r.nexac.com
URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DOlHxAoqC%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

84 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm	1970-01-20 08:32:20	Name: sback_browser Value: 0-11705200-1641236103a45c3e49d802883d541cd62906c4824371110827105021152261d346871c9480-30270822-185213155176,7013234148-1641236103
globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm	1970-01-20 08:32:20	Name: sback_client Value: 5bbbcb9621968f9b2c016802
globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm	1970-01-19 23:55:15	Name: sback_access_token Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJhcGkuc2JhY2sudGVjaCIsImlhdCI6MTY0MTIzNjEwMywiZXhwIjoxNjQxMzIyNTAzLCJhcGkiOiJ2MiIsImRhdGEiOnsiY2xpZW50X2lkIjoiNWJiYmNiOTYyMTk2OGY5YjJjMDE2ODAyIiwiY2xpZW50X2RvbWFpbiI6Imdsb2JvcGxheS5nbG9iby5jb20iLCJjdXN0b21lcl9pZCI6IjYxZDM0Njg3NWNkZjY1Mjg2MzMzNWQ0YiIsImN1c3RvbWVyX2Fub255bW91cyI6dHJ1ZSwiY29ubmVjdGlvbl9pZCI6IjYxZDM0Njg3NWNkZjY1Mjg2MzMzNWQ0YyIsImFjY2Vzc19sZXZlbCI6ImN1c3RvbWVyIn19.teqh3rnKxDDXDuyn4lPEIWsOsyh99L8zWkG2_xBrR2c.WrWruyzRWrgPKquyWrqBKq
globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm	1970-01-20 08:32:20	Name: sback_partner Value: false
globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm	1970-01-19 23:53:59	Name: sback_current_session Value: 1
globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm	1970-01-20 08:39:32	Name: sback_total_sessions Value: 1
globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm	1970-01-20 08:39:32	Name: sb_days Value: 1641236104019
globoplay.globo.com/malhacao-sonhos/t/gHnkmg7Xvm	1970-01-19 23:54:39	Name: sback_customer_w Value: true
.globo.com/	1969-12-31 23:59:59	Name: GLBEXP Value: QkKK8tsZkJ+ss8UmxC/gQY70MHrfM/W2RIt3jmno3M8=
.globo.com/	1970-01-20 08:32:09	Name: glb_uid Value: "sBu5WHQZwodBmbHMr7LGIS49d3cUmJlAg5X7DN9oqko="
.navdmp.com/	1970-01-20 17:10:43	Name: nid Value: ffbcb700ff72e125aa260d6ad09\|0\|33
.globo.com/	1970-01-20 08:39:32	Name: nav13574 Value: ffbcb700f30fdc64919d68edc09\|2_4
.krxd.net/	1970-01-20 04:13:08	Name: _kuid_ Value: OlHxAoqC
.globo.com/	1970-01-20 08:39:32	Name: utag_main Value: v_id:017e214b7b9d003a1007735519b403072003906a00b08$_sn:1$_se:6$_ss:0$_st:1641237902393$ses_id:1641236102047%3Bexp-session$_pn:1%3Bexp-session
.globo.com/	1970-01-20 02:03:32	Name: _fbp Value: fb.1.1641236102538.1499503137
.globoplay.globo.com/	1970-01-19 23:53:56	Name: _gat_tealium_0 Value: 1
.globoplay.globo.com/	1970-01-19 23:53:57	Name: _st_ses Value: 7350425246362216
.globo.com/	1970-01-20 02:03:32	Name: _gcl_au Value: 1.1.592451029.1641236103
.creativecdn.com/	1970-01-20 08:39:32	Name: ts Value: 1641236102
.creativecdn.com/	1970-01-20 08:39:32	Name: u Value: 5BMciUZ4sbTX0GrwSUeB
.criteo.com/	1970-01-20 09:15:32	Name: uid Value: 87fff405-face-4048-ac89-2f6272ac0131
.scorecardresearch.com/	1970-01-20 17:10:44	Name: UID Value: 1ZJPJH9RCMQXAWZOHXCIGTg1641236103
.rlcdn.com/	1970-01-20 01:20:20	Name: pxrc Value: CAA=
.adnxs.com/	1970-01-20 02:03:32	Name: uuid2 Value: 2933844562998605552
.globoplay.globo.com/	1970-01-19 23:53:57	Name: _st_no_script Value: 1
.globoplay.globo.com/	1970-01-19 23:53:57	Name: _sptid Value: 4803
.globoplay.globo.com/	1970-01-19 23:53:57	Name: _st_no_convert Value: 1
.globo.com/	1970-01-20 09:23:20	Name: cto_bundle Value: BXLuPV9yaW1TZU5GMUtBRHJTWGZlcXdTQ3N3bGlNZURRRk83MDFQWmI3MU9JYUJ2dWhOM05rRmxIVGFUZGVZdGFMVEZ0UkRPekw4dkF2WEdwNUxvY1dtclZJaWFKcElKRFFUeWtVYklwRWdrRDVNbmMlMkZXJTJCVFB4dDFoMWFYJTJCbFplYlU0MFZObzIlMkI3elNuVXBqSDNWYWo1a29adyUzRCUzRA
.1rx.io/	1970-01-20 08:39:32	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-915757fd-7e60-49e6-8c20-1268cc76eab2-003%22%7D
.demdex.net/	1970-01-20 04:13:08	Name: demdex Value: 55215904391378571911515411323264510815
.globoplay.globo.com/	1970-01-19 23:53:57	Name: _st_no_user Value: 1
.dpm.demdex.net/	1970-01-20 04:13:08	Name: dpm Value: 55215904391378571911515411323264510815
.targeting.unrulymedia.com/	1970-01-20 08:39:32	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-915757fd-7e60-49e6-8c20-1268cc76eab2-003%22%7D
.globoplay.globo.com/	1970-01-19 23:55:22	Name: _cm_ads_activation_retry Value: false
.doubleclick.net/	1970-01-20 09:15:32	Name: IDE Value: AHWqTUkyrrY8dfJrfG8mioJl2FQ9bCRxd9FszjhiCs-SV0gybOaMw1cFtkbhXDtR
.globo.com/	1970-01-19 23:53:56	Name: _hzt.interval Value: 20000
.globo.com/	1970-01-20 08:39:53	Name: kppid Value: 164872273791213195181
.globo.com/	1970-01-19 23:53:57	Name: hsid Value: 6932d3ba-0032-4e8c-9a18-91421c5d9df0
.globoplay.globo.com/	1970-01-20 08:32:20	Name: sback_customer Value: $2waykWRFRkZalmeBFVeqVkTVRDcj1GV55EWqFmUo1mbaxmM6VFNqVTTsRDaZlneY1UQ6JXT5R1cOd1aIJFMqRUW2$12
.globo.com/	1970-01-20 08:39:32	Name: FCNEC Value: [["AKsRol8pDm3ySE38V_NVXkFp2XGfVzQdiqAwzdvGdpHRd4oH1S125Q-PHGx3Qd2nYopi46cbncHFqD2EmenpJrIZnj4DpSTYLUnAqN4QYt4s2qxO8ZlXaV6UBukiaHv8t-4EJaofbjQlyW7BcasMESMObgYv2rniow=="],null,[]]
.yahoo.com/	1970-01-20 08:39:53	Name: A3 Value: d=AQABBIdG02ECEL5k9cvqecQS3l_MOa3HYQcFEgEBAQGY1GHdYQAAAAAA_eMAAA&S=AQAAApmaIMZxKKjw4CxKaraG0Mg
.taboola.com/	1970-01-20 08:39:32	Name: t_gid Value: 824fe773-0f44-44ef-9d63-1dbd3d460fd7-tuct8cccc08
.advertising.com/	1970-01-20 08:40:58	Name: APID Value: UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c
.bidswitch.net/	1970-01-20 08:39:32	Name: tuuid Value: 7a5afaab-0798-4582-a791-3a6c8071a303
.bidswitch.net/	1970-01-20 08:39:32	Name: c Value: 1641236104
.bidswitch.net/	1970-01-20 08:39:32	Name: tuuid_lu Value: 1641236104
.analytics.yahoo.com/	1970-01-20 08:40:58	Name: IDSYNC Value: "18zh~22gi:1761~22gi"
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UPa9a01e7c-6cc6-11ec-9269-02dfe115da4c
.yahoo.com/	1970-01-19 23:55:22	Name: APIDTS Value: 1641236104
.rlcdn.com/	1970-01-20 08:39:32	Name: rlas3 Value: cC3WfN/2djKbvO7GxD2e/8+B6nV7bpu3eChwmVSIBAw=
.360yield.com/	1970-01-20 02:03:32	Name: tuuid Value: 27381edb-4031-41ca-bf55-99097488d83a
.360yield.com/	1970-01-20 02:03:32	Name: tuuid_lu Value: 1641236104
.360yield.com/	1970-01-20 02:03:32	Name: um Value: !38,RuPW2WOxc5091EQiSTbaexfNW-QkQshtQNSyTdM.EEghY1qFXGDBRIVBNEG71VqkzXFLrNMl,1649012104
.360yield.com/	1970-01-20 02:03:32	Name: umeh Value: !38,0,1703444104,-1
.media.net/	1970-01-20 08:39:32	Name: visitor-id Value: 2842377048398402000V10
.media.net/	1970-01-20 00:37:08	Name: data-c-ts Value: 1641236104
.media.net/	1970-01-20 00:37:08	Name: data-c Value: k-yf-rjlevtm5A5yiqfX64kD9-fmEGD1Io1Uo0oQ~~3
.casalemedia.com/	1970-01-20 08:39:32	Name: CMID Value: YdNGiFrbZL4wTCGf3T2FBAAA
.casalemedia.com/	1970-01-20 02:03:32	Name: CMPS Value: 3276
.casalemedia.com/	1970-01-20 02:03:32	Name: CMPRO Value: 1129
.casalemedia.com/	1970-01-19 23:55:22	Name: CMST Value: YdNGiGHTRogA
.casalemedia.com/	1970-01-20 08:39:32	Name: CMRUM3 Value: 1461d346882760k-5pJpd1evtm5A5yiqfX64kD9-fmGx909iPcF_Jg
.tapad.com/	1970-01-20 01:20:20	Name: TapAd_TS Value: 1641236104798
.tapad.com/	1970-01-20 01:20:20	Name: TapAd_DID Value: 31c241eb-6bc1-4934-9c03-744c5daaf9d1
.3lift.com/	1970-01-20 02:03:32	Name: tluid Value: 10043622319387958665
.tapad.com/	1970-01-20 01:20:20	Name: TapAd_3WAY_SYNCS Value:
.pubmatic.com/	1970-01-20 00:37:08	Name: KRTBCOOKIE_97 Value: 3385-uid:k-kz_EU1evtm5A5yiqfX64kD9-fmGJBqWbEGZkKg&KRTB&23286-uid:k-kz_EU1evtm5A5yiqfX64kD9-fmGJBqWbEGZkKg&KRTB&23287-uid:k-kz_EU1evtm5A5yiqfX64kD9-fmGJBqWbEGZkKg&KRTB&23288-uid:k-kz_EU1evtm5A5yiqfX64kD9-fmGJBqWbEGZkKg
.pubmatic.com/	1970-01-20 00:37:08	Name: PugT Value: 1641225239
.pubmatic.com/	1970-01-20 02:03:32	Name: PUBMDCID Value: 3
.adnxs.com/	1970-01-20 02:03:32	Name: anj Value: dTM7k!M4/QE:2jUF']wIg2H`eG]ze6NRfZt3ef`K1@FqLShse?3r6'bh7$`k1<G8/3U<_u'm?@Z(suWtl[^[CyMCC.dEXlSkiunA[!MmU@MATG`/W>V=BrrD>panDbBndqU8>1X/-bcEf4<3%o]LZlXz>wL5L!!).0NWW%
.mediawallahscript.com/	1970-01-20 17:25:08	Name: mCookie Value: a9bcf460-6cc6-11ec-a836-839df7db7b71
.mediawallahscript.com/	1970-01-20 17:25:08	Name: mUserCookie Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: m034GSbPvwTa
.mgid.com/	1970-01-19 23:53:57	Name: __cf_bm Value: aghl0QUEdbcz7C8s8_3J6CKAf8Pu6ZKsclu2vXh1cAw-1641236104-0-AaMxTOcmD5wQUi9uGfSXAzlNq96YGymXPtZKFY6jXX8A0c9ADOHrl6ojcLYDq8wrDdKG9EtsRxhBZGFgEL89N4s=
.addthis.com/	1970-01-20 09:15:32	Name: ouid Value: 61d346880001d1a44fb29030a7be8b0ef13283b726b8dc7d2cbe
.addthis.com/	1970-01-20 09:15:32	Name: uid Value: 61d34688a6992959
.addthis.com/	1970-01-20 09:15:32	Name: na_id Value: 2022010318550485900618234901
.outbrain.com/	1970-01-20 02:03:32	Name: obuid Value: acd2187b-8c09-4dc1-897b-a77bb1eb2321
.outbrain.com/	1970-01-20 00:37:08	Name: criteo Value: k-CZE8Ilevtm5A5yiqfX64kD9-fmEGvHkr3U_5rg
cm.mgid.com/	1970-01-20 00:37:08	Name: mg_sync Value: {"617660":1641236105}
.tpmn.co.kr/	1970-01-20 08:39:32	Name: uuid Value: 285b7f82d9914d8e82f53712522f14d7
.tpmn.co.kr/	1970-01-20 00:37:08	Name: criteo Value: k-ZpXhV1evtm5A5yiqfX64kD9-fmFr9eVna4jmbQ
.globo.com/	1970-01-19 23:55:22	Name: horizon_id_cookie Value: d9e69e3e-8524-474a-b4b9-25a287c057aa
.globo.com/	1970-01-19 23:55:22	Name: krux_id_cookie Value: OlHxAoqC

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://stream.push.globo.com/ev/p.globo-play-eu-notifications Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://security.video.globo.com/affiliates/info Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DOlHxAoqC%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8622355.fls.doubleclick.net
ad.360yield.com
ad.doubleclick.net
ad.tpmn.co.kr
ads.yahoo.com
adservice.google.com
adservice.google.de
analytics.tiktok.com
api.fixelapp.com
api.shopback.net
app.shoptarget.com.br
ash.creativecdn.com
beacon.krxd.net
benchmark.1e100cdn.net
cdn.krxd.net
cdn.navdmp.com
cdnetworks.cedexis-test.com
cedexis-test.akamaized.net
ckies.net
click.retargeter.com.br
cm.creativecdn.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
cocoon.globo.com
connect.facebook.net
consumer.krxd.net
contextual.media.net
crb.kargo.com
cw.addthis.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
fastly.cedexis-test.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
front.shoptarget.com.br
fundingchoicesmessages.google.com
globo-ab.globo.com
globoplay.globo.com
googleads.g.doubleclick.net
gum.criteo.com
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
hwcdnssl.cedexis-test.com
i2-hiiowgkgxiflgapmgoiiolydxhibgn.init.cedexis-radar.net
ib.adnxs.com
idsync.rlcdn.com
imasdk.googleapis.com
incapsula-cdn.cedexis-test.com
jarvis-aws.globo.com
limelight-ssl.cedexis-test.com
live.video.globo.com
mug.criteo.com
p.glbimg.com
p29.cedexis-test.com
p33246.cedexis-test.com
p34247.cedexis-test.com
p41683.cedexis-test.com
pagead2.googlesyndication.com
partner.mediawallahscript.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
poscompra.shopconvert.com.br
pubads.g.doubleclick.net
r.casalemedia.com
r.nexac.com
radar.cedexis.com
rpt.cedexis.com
s.ad.smaato.net
s.glbimg.com
s01.video.glbimg.com
s02.video.glbimg.com
s03.video.glbimg.com
s2.glbimg.com
s3.glbimg.com
sb.scorecardresearch.com
script.fixel.ai
secure.adnxs.com
security.video.globo.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
stags.bluekai.com
static.criteo.net
static.shopback.net
stats.g.doubleclick.net
stream.push.globo.com
sync-t1.taboola.com
sync.1rx.io
sync.navdmp.com
sync.outbrain.com
sync.targeting.unrulymedia.com
tag.navdmp.com
tags.globo.com
tags.tiqcdn.com
tcc-apikeys.cdn-trunomi.com
tcc.cdn-trunomi.com
token.rubiconproject.com
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
usergate.globo.com
usermatch.krxd.net
usr.navdmp.com
vdms-ssl.cedexis-test.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
r.nexac.com
104.111.215.191
104.19.136.78
104.225.98.129
107.154.192.225
13.32.27.16
13.35.253.69
13.35.253.75
13.35.253.86
131.0.25.109
131.0.25.125
131.0.25.59
131.0.25.68
131.0.25.90
141.226.228.48
142.250.184.230
142.250.185.194
142.250.185.66
142.250.186.130
143.204.215.8
151.101.130.133
151.101.192.65
151.101.66.133
163.171.128.148
163.171.245.214
178.250.0.147
178.250.0.163
178.250.2.146
178.250.2.151
18.197.84.79
184.30.24.121
184.30.24.194
185.184.10.30
185.184.8.65
185.33.221.11
185.33.221.89
185.64.189.110
186.192.80.13
186.192.81.117
186.192.81.62
186.192.90.11
186.192.90.3
186.192.91.2
186.192.91.5
186.192.91.9
192.229.220.19
2.16.186.234
2.16.187.144
2.18.234.21
2.18.235.93
201.7.182.142
201.7.182.243
205.185.216.10
212.82.100.181
212.82.100.182
213.19.147.45
2600:9000:2057:600:1a:6635:8d40:93a1
2600:9000:211e:2a00:8:e35d:8840:93a1
2600:9000:211e:7800:1b:5138:8a40:93a1
2600:9000:214f:4a00:1b:9b5:7e00:93a1
2606:4700:3035::ac43:9e15
2606:4700::6810:df3
2607:f740:e619::1
2a00:1288:80:800::7000
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:400c:c06::9d
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00::210:ba0b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.106.122
3.126.56.137
3.233.108.24
3.67.18.150
3.94.40.153
34.102.166.132
34.240.183.205
34.255.107.204
35.190.26.57
35.227.248.159
35.241.57.45
35.244.159.8
35.244.174.68
52.19.142.33
52.29.156.167
52.72.241.250
54.155.208.14
54.87.32.120
66.155.71.25
68.142.70.14
69.173.144.138
69.173.144.139
70.42.32.95
74.119.119.150
76.223.111.18
02541ed37faaf2dab803a3d82e54e67f75c10b0f190cfc3d9dfdc679a66897f3
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05eba343e865566b29b9fabe69b10e7f43d9050f3b81156faeb3db1db19f23eb
06e668e573919155ff7500b99ae38362d113fdb5073aebb65f2f7051c18a20fe
08bc2b0a45a18f819514b324a81fba9433e925acfc9122e853e3034c83a83c6e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c02b58c454919d2e837f811f37fc15c05dc3d98600f749e13073862785b7221
0c57cab8cd799b53279aa83d3232f280a51d2baeaf45e9f8ce1e23d368ce88c7
0dd43370568388e92ff6bcf241afa934aac630fb559b343930f980c07a260bfd
0df407f131fd1642dac24393a6b033a08d1d292efeebc6778420f3783226674b
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e723c8f1b081f76436ab6198adb0c0a0c26b7cdc0e74c17f0917e025084fe31
0f8291d121493b605e6a637a56c0169f006279aaded38455ec06762b72b73c97
100ab914be7087e06ee640f04de426c52c24d71bac313c6f691528ceb7856d75
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
133be2ab152b1c9f408e9a597430361539cf3b8255a0a92f8a8a8a885e079702
13caffd464ea5bd21bae6e99dce436e60420f17bbb8f2c846309ffa32bc64d3c
164aece9f6fab01c53570306d1a35687e476310cdd9a9a3bbfaa387f513419a6
1921120dce73d0a0c75031bd84d4da7b12bc3bc979a8a23647dee2db8fe97565
1d2edf4fb9c6ae046fe3e069d4801f1a092aa26a8a58110b01638450fb97bf8a
214175e2184c0c50ba43c4662433b3154509a30ec46c4f11ddf2d865a4dc37eb
2198fd0e079d8eda356ec8adc022a968d282fc4d6d5662059886c1789fa43d83
248ff21c1f60a7d465f8425410c566403ee878da5acc04f4651fa6d70e8315b0
2492dc6a2a950dc0f5a32f8882037746543f4a87bbc1cd9fd27543ab38064e73
25b741d263838ec4d526084107a89e6331e3927d6e6feb14f0eaea4674bb87ad
26fb987316ffb63b047e97badcaa3254d10e3edf6ba0898d600ef27a233b7808
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7
296d3bf25accfb8a4d34852f1d2e3aaf5f8545c9d8b77fd3a47ac9362fc23c4a
2d39dde5b60f6bb482765f430c3265ed117b2769dcc8f6971d2f0cc37fdf6965
2dbe8918a242f4190f18d742d1539336fe52b6032e23131c023c29686b0ff7f2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3398e22245f8d8b8931adcd6eff226ffbe5599b6e025490b2877ae52a335282c
356b2377584512e999488dc686267f9a505c6e8bfc39dc513ad66ae4ed3f088d
35a6a9dbfb2006511eced5c412782d86d8ac3cef54aea2bfb5179bd0e9789981
361006c5423524e808114a58e9ea3b8c790baa59b21e601982628902f1a3f4df
375794527d73794164eb9aeebc3c3999fb8bb9b2f5a683fbd1662aa72d842990
38b126f92a3104c7d73e1cf2f448db9896d4f29ebf3a7b593b380e6cdd0ae378
38ddeb806564c30fe4ef6f3c05eca54b346bf9429a81143728f518da7ef66af4
3aaf7f55868e7c9edc804114ec30038cfcde40cc89347011527b6a5c36111243
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3bfb4feb441faee07723f127ae360dfc31ae153acd925397ef2143d2fe25108b
3c936d4d69fc5dcd046f6e9204de3aa5932613fdca4609377b7d8b8656b384bf
3e68234c6007e438bf8cd985e03f7dd144bb17eb16968f86c1ce0645fea82abc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb72909a45baf51b0e985aa1abbf161cc3a12ed78ec060001fee207c9c50319
3f38c81bae8217fa8da1256162d04e92878dc5e3c47f2245a1bdf9a0ca3252ef
40c1ed2eb0f2be48a28fc786ea845811308d22185a5c18f17adc55c8adabe78f
412779865ecbbc7e94cf73e45fa097bdb66da1a3e3c714f25efe1eedb2979ab0
434abdec4d49b8bdd1c1c22b2654a77262f0968aec3c8bb03aebce56199f7e12
44cb58f5112d2f6a49b583e75306ad6e657387e003098fa7c62e4fc02fea1699
45b52cc7cdb901e5e1ddc82198b567717ea6da0b50c6d84aa07d0b54e49a2795
4730fa8d655d91694377b9b8ed8802c21e4657b2908fb5b7cd3a616990c2c762
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
48be3c82e2e8de345942c26246012d418cb05d91f952524f740de47001dcab1b
48f21b86846d2ddf7860b4d02929ef826326bfc6ed851edb9f9a302be7d4cc9e
4af66d9913a3cf33c80d6b98515342cf76b65a5568f5912e841d6604f6ee4d1f
4b156cd22fb86aeb9fc1983163fee0dd2e265dbd958b1ff38a571ab4732318d8
4b496b28a3d5340b085748f83b37490779ed2e16362f017bcea4aa4d394a0b31
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c23aeb05cbabee0516188b7ed24bae783840eb13585efae6645e7ad94086c6e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eef68c81749c8d56e8fb42b6a1b8709757124b145b45fdc6876fff394e7f44d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57e8bec49703909f91f6f1f84a449695c11b7bcdd275751e05febba0b84259ea
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5af567d8205c8a716ccafa885f06c1c46f8a0068aad4343ccda19c962ce7d95e
5b402ce25e51c50c186bb5e04967bea2feef934669aa26b67961e9c84b579626
5c1c12b8647314712840b8fe12c46f7172aa733da0c3b148eb805f8df36c7771
5d71a7621abca6ef701caf4aa7608b065faf98ec19bb346d0ac2ec79919b1020
5f3fd8580efc7dc2d2f26389b814b79b727ea3126f1ea4a6c67c2bcf6e306336
671ad1a20c293d2d69d7931de6a3a2446fdeaff7592da1161f4480f7782f2a59
696ca6f4eaabe0803032cf9a2ba74328c7df0e1d9379b614091fc252db3965b1
6f84b6fec074249bfea06b1263c7868e03f6128ed50b20e1b8e08118d163de64
731d2de2bbddc41a1bc026863710d597156cec734905604383a9971ccca3e991
73da9ffb09e151f91f85b93c73ab6288cb3e54c56000423cdb8ba9159fc08d33
75d850c39a04b147f6ef94c0c42f439949f0e999e273026a64d48514d5cdfcfd
7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83262b158f3e837e6fd08cf041c196538411d27d334f9a742c6c80249f65572f
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833f981fe94962dbe695050b51928eabaeafc590828dec51709e903d66025424
849dca988ce512924bd189131af8ed51c1ad0c742697ac86c3d2bef86253b110
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86e467735c7c594f72fa0a2adccb89a36590f601446fdbf1de3f0aead46c7b43
87806397fc82d9734bedb9a9aa8f8ad18da3bb24b687d46b1a1db73de49a2431
879a7250b5d1762c396bcc37bfdeebf0b552b3f751c6755a8c9c0d2eebcc279b
87b364e56e7716903a95416bbb48e70963911abccc2a7e47f610ff7d0047ce30
883d9b93f2109b42cd6c668f7d3085ffcc7c42bcd99eb246f4ccf7daa20bb517
8abf5619d582a07730bbe2ee5eeb6da93514755baa02560cf93b98b822052013
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
8b023562418fb4e4e756a7ef8a19a501cc94c2d06283798b9630c6fa7e1076be
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
97b81651ac630805fe9f93b8a9481cc286ddb6240b3964a647371f01bca28641
992b4863f11221352c9359ee714d3dd1e6c6fa7c89cf589defa4061b24b135b6
9934f3f209b188c2a5a5a3025e199ef277ad60cc98a477a279e05f6019c3f982
99cb06f5ecceaae0f0c584118ade797bfbc8d648666fbd2fa4cc455486d2da69
9ba2d12a3cb883d8702129edd63bf2d301857050b38228ba8c37fc3bf5eb85f3
9ce52239761cecbe2b1e60a71b8b5c8fd66896591edb1fe8bd6a8d2f836099ca
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a13eb934d50320de5a924cc5c6a726f5bd70643eb5e8b8e1ad5664311b07a519
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1eea27112968d0262d374a40be84cb950d22d8029d9fcd7d81e6fc77f3dcd18
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a3ca1133982c1d5f29218e6cbb42afea3a0bc2c1ba389af961f8e9dff9dbf2
a63ccff69528249dada5fa6c51895a41bac1e318451c198be486d3292e7cada2
a6b377baaf9632d50fc94294dbaf90b299549891a17a9b1fac816fe000ec9353
a7de59dafa959ed051b76f14d7a6695263277ba4c2bbe83ea9b907dd7dc53468
a80b47af8f7996c443a6a5e9d17e1ee3c2cdd55dd6a902177c497d153fa6987b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab539f25d2719153392d7113a7ee353130679b8e088813aa1b37a9f0ba288e28
ac0db2d1661d9cf7e3cfe9ba7a3a328949f403884112dbb223f854dbc3d5114a
af318ee8e0c68dd67e34b882ad76aabc020d6f1d4f1b9da8c62f40887278c1bc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b5fe294cb1a1feb486065b01477c636688ca9373d462c35b9f97727e8dce2998
b67faff28a680adf93595eb3cf8e9fdd22a8959744e863354ae393f7c72f1ea8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc180bd9692edebe3332018b085efe69268432fc2e9fc7b5c88d4fad4b5d9504
bd751eb33a4519310bdce8775ce7766f328e0cc4a8438141c48ad0201b25a9be
be59f5c62509502400a70ae10d6ed561b14de1db21ed9a5916c66f74cf8689f5
bf45935e01e4a5d30b325671ed91e559c67e8dff34babe304f2622c732005691
bfd9f4e9ba37ed3e147bf232c521d468165f24abcf05da6113c572b61ad37ba7
c2bf03df5be311c4cbb6b432906da55a318c37bac325de110342068711f56e95
c3be1faee4e8af9ddaba49f06c6fa3856a17ee5ae7632f2fafd2d2a5b786146a
cc095fa6b3a5b73c34ab5b62f5c88a500af4745e56a92fc7d97dfe52931babe1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb6074cb53a7b9acdaca25cf750495b66c35384c9d76decce443bddad1a54f5
d0bb667f426e06269e13e30b08c619fc3399338d68338db08647fd1772597945
d10cc8560b7e4cfe84a53b01f7932d74dcbb5f3a4e55b37a19d6efc7ae88755f
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
dd2c7e02518bfa14a9db28ecdd19a6ec91b87468dba35c984a118747efb5f2d4
dd44fdc011930b48da2034dec6604ccb2a9bf034b5943fe12c4656b20c388630
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
deaa68114c08e5ca29f317914c10e84a0d2e665fd8e15307ef85a336b1abd42b
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72
e1bfc673d78e558e00af3b49e472918c717488e107f935afc398f32cbfe0fa70
e25647f123b16e24dcb2aea5bb1d2d3a00f0b6c84c70a2e1c5101b230f952c99
e2be8244dfc815a9aa6990ee186af225a1196a80132282c05fa2df2560bd0e68
e3aeab48b98bffd862e8396f623b16f0d5e7a3d292a42cd527e275e0acce1cbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
e9e6a37a6460dfc2e41c57da11e6858364b01993866a6c06de0be4022934bcb1
ea7b051ce6894ed440c7f39370387ba025723db626f064db01feb758ad8d7674
ed4042bf71d9ce59db0148f69b57e45f9f042911fd8aaaa669bdcb41a2a72b7b
ed9d92b3e166f8b8a98d4fc391b07e69fd3f0e1dad3112e20c21276d0f17258d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04e63a1c62b5533546104f1354b475093a104135c76cbd7c6c9509bcc4832e7
f283d3c3a2dd4996a0a12186aee8ce70e051aeb70aec4b2954ab471e2b42fa00
f53d84c8bb25769a98c7c703ddad95e1f108f7f3008364bcabeac0fd54481c30
f66b06da404f78ef62e3ccf1d92ce2a1b65953e23cb3f1b2780a216141725cb0
fa6fd33317a03709705fa8fb0fdfb201274ba09106ff297e820b08da40efc4d7
fb4c391be2dd9e927d16789bebea68314f10f75383bc4a7b920e8addfdf3e44c
fbd6017683e5e98f08bfd009f39340d0de149de152dcd3f31a9e1f396d658212

globoplay.globo.com Open in urlscan Pro 131.0.25.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

354 Requests

89 %HTTPS

25 %IPv6

61 Domains

119 Subdomains

100 IPs

10 Countries

4576 kBTransfer

12438 kBSize

84 Cookies

4 Outgoing links

Redirected requests

354 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

globoplay.globo.com Open in urlscan Pro
131.0.25.109 Public Scan

Screenshot
Live screenshot

Full Image

354
Requests

89 %
HTTPS

25 %
IPv6

61
Domains

119
Subdomains

100
IPs

10
Countries

4576 kB
Transfer

12438 kB
Size

84
Cookies

354 HTTP transactions
1 data transactions