oglobo.globo.com Open in urlscan Pro
201.7.177.131 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Submission: On March 23 via api (March 23rd 2021, 9:14:45 pm UTC) from US

Summary HTTP 309 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 86 IPs in 10 countries across 64 domains to perform 309 HTTP transactions. The main IP is 201.7.177.131, located in Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is oglobo.globo.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on October 20th 2020. Valid for: a year.

This is the only time oglobo.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	201.7.177.131 201.7.177.131	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
6	186.192.90.3 186.192.90.3	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
18	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
47	201.7.177.155 201.7.177.155	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1 3	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	201.7.177.167 201.7.177.167	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
4	23.37.56.41 23.37.56.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 9	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
3	186.192.91.5 186.192.91.5	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	131.0.25.211 131.0.25.211	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	13.226.159.100 13.226.159.100	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2010	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	146.88.138.85 146.88.138.85	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700:10:... 2606:4700:10::6816:28b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
11	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.226.159.122 13.226.159.122	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
3	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	213.19.162.61 213.19.162.61	3356 (LEVEL3) (LEVEL3)
1	34.96.106.9 34.96.106.9	15169 (GOOGLE) (GOOGLE)
5	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
1 4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	131.0.25.68 131.0.25.68	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	104.18.134.145 104.18.134.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	186.192.81.117 186.192.81.117	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	151.101.193.181 151.101.193.181	54113 (FASTLY) (FASTLY)
1 3	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.123.237.40 3.123.237.40	16509 (AMAZON-02) (AMAZON-02)
1	131.0.25.125 131.0.25.125	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 11	2606:4700:10:... 2606:4700:10::6816:295	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
2	185.86.138.122 185.86.138.122	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
2	212.82.100.146 212.82.100.146	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	18.185.197.81 18.185.197.81	16509 (AMAZON-02) (AMAZON-02)
2 17	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3 10	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
2 5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	34.246.156.173 34.246.156.173	16509 (AMAZON-02) (AMAZON-02)
1 2	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.138.142 185.86.138.142	201081 (SMARTADSE...) (SMARTADSERVER)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	172.105.203.31 172.105.203.31	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	35.156.223.207 35.156.223.207	16509 (AMAZON-02) (AMAZON-02)
1 1	50.16.38.94 50.16.38.94	14618 (AMAZON-AES) (AMAZON-AES)
3	54.194.235.254 54.194.235.254	16509 (AMAZON-02) (AMAZON-02)
1	159.89.244.107 159.89.244.107	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2600:1f18:612... 2600:1f18:612b:4200:ae67:61d5:5bef:8e79	14618 (AMAZON-AES) (AMAZON-AES)
2	18.184.153.186 18.184.153.186	16509 (AMAZON-02) (AMAZON-02)
4 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	52.28.33.202 52.28.33.202	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	69.46.4.44 69.46.4.44	29802 (HVC-AS) (HVC-AS)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	185.29.132.68 185.29.132.68	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	131.0.25.26 131.0.25.26	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	159.89.241.163 159.89.241.163	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
309	86

7 201.7.177.131 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)

oglobo.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 186.192.90.3 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-90-3.prt.globo.com

s3.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 201.7.177.155 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)

ogjs.infoglobo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ogcss.infoglobo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ogimg.infoglobo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 201.7.177.167 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)

static.infoglobo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.37.56.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-56-41.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.37.42.132 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 186.192.91.5 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com

s.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.0.25.211 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-211.prt.globo.com

analysis.infoglobo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-100.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gadasource.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.88.138.85 (United States)

ASN33438 (HIGHWINDS2, US)

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:28b9 (United States)

ASN13335 (CLOUDFLARENET, US)

api.deep.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-122.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.106.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.106.96.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.0.25.68 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-68.prt.globo.com

horizon.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.134.145 (United States)

ASN13335 (CLOUDFLARENET, US)

config.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.81.117 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com

horizon-schemas.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.181 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.53.17 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.237.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-237-40.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.0.25.125 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-125.prt.globo.com

horizon-track.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:295 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

banner.boostbox.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.146 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-flurry71.prod.media.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.197.81 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-197-81.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.246.156.173 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-156-173.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.203.31 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1857-31.members.linode.com

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.223.207 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-223-207.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.38.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.235.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-235-254.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.244.107 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

scripts.curtivendi.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4200:ae67:61d5:5bef:8e79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.153.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-153-186.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (United States) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.33.202 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.46.4.44 (United States)

ASN29802 (HVC-AS, US)

scripts.mxfwdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.68 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.0.25.26 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-26.prt.globo.com

recomendacao.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.241.163 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

tags.fulllab.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	infoglobo.com.br ogjs.infoglobo.com.br ogcss.infoglobo.com.br static.infoglobo.com.br ogimg.infoglobo.com.br analysis.infoglobo.com.br	462 KB
39	googlesyndication.com 3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com tpc.googlesyndication.com 032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com pagead2.googlesyndication.com	167 KB
37	taboola.com 2 redirects cdn.taboola.com trc.taboola.com 15.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com cds.taboola.com trc-events.taboola.com vidstat.taboola.com imprammp.taboola.com am-match.taboola.com am-vid-events.taboola.com	226 KB
26	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	282 KB
22	rubiconproject.com 5 redirects ads.rubiconproject.com fastlane.rubiconproject.com prebid-a.rubiconproject.com pixel.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	111 KB
11	boostbox.com.br 1 redirects banner.boostbox.com.br	256 KB
11	facebook.com www.facebook.com	1 KB
11	globo.com oglobo.globo.com horizon.globo.com horizon-schemas.globo.com horizon-track.globo.com recomendacao.globo.com	79 KB
9	glbimg.com s3.glbimg.com s.glbimg.com	82 KB
8	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	105 KB
8	google.com 1 redirects ampcid.google.com www.google.com adservice.google.com	757 B
6	googletagservices.com www.googletagservices.com	198 KB
5	criteo.net static.criteo.net	89 KB
5	criteo.com 1 redirects bidder.criteo.com gum.criteo.com dis.criteo.com	1 KB
5	facebook.net connect.facebook.net	233 KB
5	twitter.com 1 redirects platform.twitter.com syndication.twitter.com analytics.twitter.com	133 KB
4	spotxchange.com 4 redirects sync.search.spotxchange.com	3 KB
4	google.de ampcid.google.de www.google.de	353 B
4	tiqcdn.com tags.tiqcdn.com	28 KB
3	cloudflare.com cdnjs.cloudflare.com	12 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	yahoo.com 1 redirects ads.yap.yahoo.com pr-bh.ybp.yahoo.com	2 KB
3	smartadserver.com prg.smartadserver.com rtb-csync.smartadserver.com	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	seedtag.com s.seedtag.com config.seedtag.com cs.seedtag.com	29 KB
3	petametrics.com cdn.petametrics.com query.petametrics.com	57 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	474 B
2	openx.net 2 redirects us-u.openx.net	444 B
2	advertising.com pixel.advertising.com	248 B
2	tremorhub.com taboola-supply-partners.tremorhub.com	364 B
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	828 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	polyfill.io cdn.polyfill.io	2 KB
2	perfectmarket.com widget.perfectmarket.com	33 KB
2	google.nl adservice.google.nl	311 B
2	google-analytics.com www.google-analytics.com	19 KB
2	jsdelivr.net cdn.jsdelivr.net	2 KB
2	navdmp.com tag.navdmp.com usr.navdmp.com	6 KB
1	fulllab.com.br tags.fulllab.com.br	1 KB
1	rlcdn.com id.rlcdn.com
1	mathtag.com 1 redirects sync.mathtag.com	632 B
1	mxfwdredir.com scripts.mxfwdredir.com	1 KB
1	360yield.com 1 redirects ad.360yield.com	221 B
1	curtivendi.com.br scripts.curtivendi.com.br	6 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	616 B
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	360 B
1	emxdgt.com e1.emxdgt.com	45 B
1	adkernel.com dsp.adkernel.com	233 B
1	pubmatic.com simage2.pubmatic.com	805 B
1	adnxs.com ib.adnxs.com	693 B
1	creativecdn.com prebid-us.creativecdn.com	226 B
1	2mdn.net s0.2mdn.net	24 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	t.co t.co	170 B
1	deep.bi api.deep.bi	20 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleapis.com gadasource.storage.googleapis.com	24 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	64 KB
0	tapad.com Failed pixel.tapad.com Failed
309	64

	Domain	Requested by
38	ogjs.infoglobo.com.br	oglobo.globo.com
28	tpc.googlesyndication.com	securepubads.g.doubleclick.net oglobo.globo.com 3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com tpc.googlesyndication.com 032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com
16	securepubads.g.doubleclick.net	oglobo.globo.com securepubads.g.doubleclick.net www.googletagservices.com 032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com
11	banner.boostbox.com.br	1 redirects 032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com banner.boostbox.com.br
11	www.facebook.com	oglobo.globo.com connect.facebook.net
10	cdn.taboola.com	oglobo.globo.com cdn.taboola.com
7	pixel.rubiconproject.com	oglobo.globo.com eus.rubiconproject.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com oglobo.globo.com www.googletagservices.com
7	oglobo.globo.com	oglobo.globo.com ogjs.infoglobo.com.br
6	eus.rubiconproject.com	am-match.taboola.com imprammp.taboola.com eus.rubiconproject.com ads.rubiconproject.com
6	www.googletagservices.com	securepubads.g.doubleclick.net 3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com 032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com
6	s3.glbimg.com	oglobo.globo.com tags.tiqcdn.com s.glbimg.com s3.glbimg.com
5	trc-events.taboola.com	oglobo.globo.com
5	sync-t1.taboola.com	oglobo.globo.com am-match.taboola.com imprammp.taboola.com
5	cm.g.doubleclick.net	2 redirects oglobo.globo.com
5	sync.taboola.com	2 redirects oglobo.globo.com am-match.taboola.com
5	trc.taboola.com	cdn.taboola.com oglobo.globo.com
5	static.criteo.net	securepubads.g.doubleclick.net oglobo.globo.com ads.rubiconproject.com static.criteo.net
5	www.google.com	1 redirects oglobo.globo.com 3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com
5	connect.facebook.net	oglobo.globo.com connect.facebook.net
5	ogimg.infoglobo.com.br	oglobo.globo.com
4	sync.search.spotxchange.com	4 redirects
4	googleads.g.doubleclick.net	www.googleadservices.com 3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com
4	tags.tiqcdn.com	oglobo.globo.com tags.tiqcdn.com
4	ogcss.infoglobo.com.br	oglobo.globo.com ogcss.infoglobo.com.br
3	cdnjs.cloudflare.com	tags.fulllab.com.br
3	token.rubiconproject.com	3 redirects
3	beacon.krxd.net	cdn.krxd.net
3	x.bidswitch.net	3 redirects
3	match.adsrvr.org	2 redirects
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com oglobo.globo.com
3	cdn.krxd.net	tags.tiqcdn.com cdn.krxd.net
3	bidder.criteo.com	ads.rubiconproject.com static.criteo.net
3	www.google.de	oglobo.globo.com
3	s.glbimg.com	tags.tiqcdn.com s3.glbimg.com s.glbimg.com
3	platform.twitter.com	1 redirects oglobo.globo.com platform.twitter.com
2	sync-tm.everesttech.net	2 redirects
2	us-u.openx.net	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	pixel.advertising.com	am-match.taboola.com imprammp.taboola.com
2	taboola-supply-partners.tremorhub.com	am-match.taboola.com imprammp.taboola.com
2	ce.lijit.com	1 redirects oglobo.globo.com
2	bh.contextweb.com	1 redirects oglobo.globo.com
2	rtb.mfadsrvr.com	2 redirects
2	ads.yap.yahoo.com	banner.boostbox.com.br
2	prg.smartadserver.com	banner.boostbox.com.br
2	cdn.polyfill.io	banner.boostbox.com.br
2	032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	prebid-a.rubiconproject.com	ads.rubiconproject.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	consumer.krxd.net	cdn.krxd.net
2	3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.nl	securepubads.g.doubleclick.net
2	query.petametrics.com	oglobo.globo.com
2	www.google-analytics.com	www.googletagmanager.com oglobo.globo.com
2	cdn.jsdelivr.net	ads.rubiconproject.com
1	cs.seedtag.com	ads.rubiconproject.com
1	tags.fulllab.com.br	scripts.mxfwdredir.com
1	recomendacao.globo.com	oglobo.globo.com
1	id.rlcdn.com
1	sync.mathtag.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	scripts.mxfwdredir.com	scripts.curtivendi.com.br
1	ad.360yield.com	1 redirects
1	scripts.curtivendi.com.br	banner.boostbox.com.br
1	am-vid-events.taboola.com
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	vidstat.taboola.com	cdn.taboola.com
1	sync.srv.stackadapt.com	1 redirects
1	cds.taboola.com	oglobo.globo.com
1	bttrack.com	oglobo.globo.com
1	s.c.appier.net	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com	oglobo.globo.com
1	dsp.adkernel.com	oglobo.globo.com
1	rtb-csync.smartadserver.com	oglobo.globo.com
1	simage2.pubmatic.com	oglobo.globo.com
1	ib.adnxs.com	oglobo.globo.com
1	match.taboola.com	oglobo.globo.com
1	15.taboola.com	cdn.taboola.com
1	prebid-us.creativecdn.com	banner.boostbox.com.br
1	s0.2mdn.net	tpc.googlesyndication.com
1	horizon-track.globo.com	s3.glbimg.com
1	gum.criteo.com	static.criteo.net
1	analytics.twitter.com	platform.twitter.com
1	cdn.onesignal.com	ogjs.infoglobo.com.br
1	horizon-schemas.globo.com	s3.glbimg.com
1	config.seedtag.com	oglobo.globo.com
1	syndication.twitter.com	platform.twitter.com
1	horizon.globo.com	oglobo.globo.com
1	s.seedtag.com	ads.rubiconproject.com
1	fastlane.rubiconproject.com	ads.rubiconproject.com
1	vars.hotjar.com	static.hotjar.com
1	t.co	oglobo.globo.com
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	api.deep.bi	oglobo.globo.com
1	cdn.petametrics.com	oglobo.globo.com
1	static.ads-twitter.com	oglobo.globo.com
1	gadasource.storage.googleapis.com	oglobo.globo.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	usr.navdmp.com	tag.navdmp.com
1	analysis.infoglobo.com.br	oglobo.globo.com
1	ads.rubiconproject.com	tags.tiqcdn.com
1	tag.navdmp.com	tags.tiqcdn.com
1	www.googletagmanager.com	oglobo.globo.com
1	static.infoglobo.com.br	oglobo.globo.com
0	pixel.tapad.com Failed
309	113

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
blogs.oglobo.globo.com
meuoglobo.oglobo.globo.com
extra.globo.com
kogut.oglobo.globo.com
infoglobosites2.secure.force.com
acervo.oglobo.globo.com
educacaoquetransforma.oglobo.globo.com
www.publicidadeeditoraglobo.com.br
web.whatsapp.com
login.globo.com
privacidade.globo.com
renues-phositime.com
om.forgeofempires.com
k.ilius.net
popup.taboola.com
www.snelleofferte.nl
www.pchelpsoft.net
www.gda.com
www.agenciaoglobo.com.br
www.vagas.com.br
www.globo.com

Subject Issuer	Validity	Valid
oglobo.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-20` - `2021-10-20`	a year	crt.sh
s3.glbimg.com RapidSSL RSA CA 2018	`2020-04-14` - `2021-06-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.infoglobo.com.br RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-12-14` - `2021-12-14`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.glbimg.com RapidSSL RSA CA 2018	`2020-04-15` - `2021-06-14`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
cdn.petametrics.com R3	`2021-03-11` - `2021-06-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.liftigniter.com R3	`2021-01-26` - `2021-04-26`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-31` - `2022-04-14`	2 years	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.nl GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
horizon.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-18` - `2021-10-17`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
horizon-schemas.globo.com RapidSSL RSA CA 2018	`2020-03-01` - `2021-04-30`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
horizon-track.globo.com RapidSSL RSA CA 2018	`2020-03-18` - `2021-05-17`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.boostbox.com.br AlphaSSL CA - SHA256 - G2	`2019-09-10` - `2021-09-10`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.gw.flurry.com DigiCert SHA2 High Assurance Server CA	`2021-02-02` - `2021-07-27`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
scripts.curtivendi.com.br R3	`2021-02-25` - `2021-05-26`	3 months	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
*.mxfwdredir.com AlphaSSL CA - SHA256 - G2	`2019-08-09` - `2021-08-09`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
recomendacao.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-01-17` - `2022-01-17`	a year	crt.sh
tags.fulllab.com.br R3	`2020-12-25` - `2021-03-25`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Frame ID: 27CA088091956DD798C02545892F1886
Requests: 174 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 61A3E9F4B76B010E016FAD1EF2B17E87
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Foglobo.globo.com
Frame ID: 41B71B663E5871F6A33CC8ABE12650D0
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRz666ngJzWUvoHgsOjulzrS5e73bNX65N86nEuT01TO-A6mVUWIQVS1hSBRj0cltC6XPSv_QYy87onHxI-maRML_WdIDNzvuaCAh0s8gkFCSOU6O3GFe6D_wVaD2Z-swNPczUrZX4K2Go5Aw3t01QNzemL1G1LCVsv_Y-7b9zv0Q_o4imUwQvkgvnzyFja56UJKdi2CKCsBIslWB9x6Ct9mq9Qn4zxC3X6mUXutgV1C04OqYkZrjeuqYrLrQDkW8m1KGhI0W47ZlrICzL_trjwz-YSt-jlFe0iSS8mGgpFVbubHq5zZ1g0nWIAGnIQfR57AwOoQ&sig=Cg0ArKJSzGNhYSKpiP3zEAE&urlfix=1&adurl=
Frame ID: E9F97854B401686301B2F72D21256349
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6RoIqQsCSbwXNtCHqP0lS7A8nCSY8FknuY7fLCkzAUpT67bAduaFmNZRab6WNGHN7r_umE0ZXqONacAnGB1EFGZOpK_XU7ZMb2j9vKzJEbwxtX159ChLw0ubdyGgWn9qTgsMJ_B1C1ZgcLKW3inJCK6o3Hac4LtO7iroRF03b7zTlGTA_WzDgx31U9Opr-pqvm8q5wVfNBcyW8KvJw0ztAnkiRWZaooKOcdqPLfH6U55rNoBOoAv1CwyHxOjgJqLtzj5FHZrAF-ArFBdYxOpscTts-xRvk_Z8dpPBZYd0F4HNuWVTYBmPYxT_FlElGYNIwq7d7A&sig=Cg0ArKJSzCgkak-YSqoDEAE&urlfix=1&adurl=
Frame ID: 83FEF75DB82BADC077178B0C4F9E598A
Requests: 20 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=oglobo.globo.com
Frame ID: 44A7DE6E9A45E362BCED9AD14CE92B0A
Requests: 1 HTTP requests in this frame

Frame: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: F90C96E75C5A50BDE987054D7DF619E7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html
Frame ID: ED2E66ED0882A6A8B2944E174B01F90C
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D3708CC9C03AD4CB72E2CFB9BF666AF7
Requests: 2 HTTP requests in this frame

Frame: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 5B74DCC1DACB09C282066B756383604F
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: CEFF92F1708750FAA300BA592423A004
Requests: 2 HTTP requests in this frame

Frame: https://banner.boostbox.com.br/banners/d9db2c245b71f526ae00e5c9
Frame ID: BBC7DBFFA901C40AD1271AECB7710008
Requests: 9 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=83d70dd6-f68c-4145-a254-db72face5123&tbid=c0b52878-d4e4-4cb0-857e-5d15a623604b-tuct753dfaf&query=taboola_hm%3D83d70dd6-f68c-4145-a254-db72face5123&isDirect=0
Frame ID: B1B8BD4CA5979F7DB0C9FC8D4FF95503
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 943A001646650919BE03266E065C927A
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&cmcv=&pix=undefined&cb=1616534063699&uv=2944&tms=1616534063699&abt=adh5c-1_vA!insc_vA!nrlc_vB!spa2_vA!srd_vA!u2822_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=BC7954EED6756965771296455125&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 7BB1E4D158E26F04F4E15C693D194FFE
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: E294C47D72A09FB9D4AF12200763F87E
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 0D6968242CD7679993FC9EC8B3C19690
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 83BA68082C25CE6D6C0D3C47A6FD01FC
Requests: 3 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=caae8bc6-60f1-432a-896d-f94ba85a652a
Frame ID: EA07BF0F10A587C25D44A03FD596D0CC
Requests: 1 HTTP requests in this frame

Frame: https://tags.fulllab.com.br/safeframe
Frame ID: 7D63B6427520CCA920FB76C16696A771
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FD237B14F6CD76BFD2614D77C60BC246
Requests: 2 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?ga=true&cd=undefined
Frame ID: CF9327F4A75DEB9DD6DB446A5C263DEE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /https?:\/\/[^/]*\.rubiconproject\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

309
Requests

100 %
HTTPS

34 %
IPv6

64
Domains

113
Subdomains

86
IPs

10
Countries

2839 kB
Transfer

8778 kB
Size

31
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/jornaloglobo
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/jornaloglobo
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jornaloglobo
Title: Instagram

Search URL Search Domain Scan URL

URL: https://blogs.oglobo.globo.com/opiniao/
Title: Opinião

Search URL Search Domain Scan URL

URL: https://blogs.oglobo.globo.com/sonar-a-escuta-das-redes/
Title: Logo Sonar

Search URL Search Domain Scan URL

URL: https://meuoglobo.oglobo.globo.com/
Title: Logo Meu O Globo

Search URL Search Domain Scan URL

URL: https://extra.globo.com/
Title: Logo Extra

Search URL Search Domain Scan URL

URL: https://kogut.oglobo.globo.com/
Title: Logo Patrícia Kogut

Search URL Search Domain Scan URL

URL: https://infoglobosites2.secure.force.com/assinante/
Title: Portal do Assinante

Search URL Search Domain Scan URL

URL: https://acervo.oglobo.globo.com/
Title: Acervo

Search URL Search Domain Scan URL

URL: https://educacaoquetransforma.oglobo.globo.com/
Title: Educação que Transforma

Search URL Search Domain Scan URL

URL: https://www.publicidadeeditoraglobo.com.br/midiakit-digital
Title: PUBLICIDADE

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=431855430329169&display=popup&name=Dez+milh%c3%b5es+de+senhas+de+brasileiros+s%c3%a3o+expostas+em+megavazamento+global&link=https%3a%2f%2foglobo.globo.com%2feconomia%2fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257%3futm_source%3dFacebook%26utm_medium%3dSocial%26utm_campaign%3dcompartilhar&redirect_uri=https%3a%2f%2foglobo.globo.com%2f%23close_window&description=No+total%2c+mais+de+3+bilh%c3%b5es+delas+foram+vazadas+no+mundo.+%c3%93rg%c3%a3os+de+governo+como+C%c3%a2mara+e+STF+e+estatais+foram+afetados+&picture=https%3a%2f%2fogimg.infoglobo.com.br%2fin%2f24911282-108-3f3%2fFT460B%2f220%2fhacking-1685092_1280.jpg
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Dez+milh%c3%b5es+de+senhas+de+brasileiros+s%c3%a3o+expostas+em+megavazamento+global&url=https%3a%2f%2foglobo.globo.com%2feconomia%2fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257%3futm_source%3dTwitter%26utm_medium%3dSocial%26utm_campaign%3dcompartilhar
Title: Twitter

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=O+Globo%3A+Dez+milh%C3%B5es+de+senhas+de+brasileiros+s%C3%A3o+expostas+em+megavazamento+global+-+https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257%3Futm_source%3DWhatsapp%26utm_medium%3DSocial%26utm_campaign%3Dcompartilhar
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://login.globo.com/termosUso/4975
Title: Termos de Uso

Search URL Search Domain Scan URL

URL: https://privacidade.globo.com/privacy-policy/
Title: Politica de Privacidade

Search URL Search Domain Scan URL

URL: https://infoglobosites2.secure.force.com/newsletter/
Title: É assinante? Veja newsletters exclusivas

Search URL Search Domain Scan URL

URL: https://blogs.oglobo.globo.com/ancelmo/post/neymar-compra-mansao-de-claudia-raia-mae-do-namorado-de-bruna-marquezine.html
Title:

Search URL Search Domain Scan URL

URL: https://renues-phositime.com/9be1c3fa-6708-4fd8-a77e-17f8f07c3fcb?campaign=%7Bcampaign%7D&site=editoraglobo-oglobo&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F491a846b1b9ea950ec4970bc69e0fcf5.jpg&title=%E2%82%AC+250+investeren+in+deze+bedrijven+kan+een+tweede+salaris+opleveren.&campaign_item_id=2980004975&site_id=1212310&click_id=GiAVdUH1_jvCv-QQ_lidXgto9Wr-dCBzOfNhqP3LEps7LSCuzVMoodCg5rX-yskK&utm_source=taboola&utm_medium=referral&tblci=GiAVdUH1_jvCv-QQ_lidXgto9Wr-dCBzOfNhqP3LEps7LSCuzVMoodCg5rX-yskK#tblciGiAVdUH1_jvCv-QQ_lidXgto9Wr-dCBzOfNhqP3LEps7LSCuzVMoodCg5rX-yskK
Title: T1M

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/nl/?ref=tab_nl_nl&&external_param=2898625977&pid=editoraglobo-oglobo&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0aaf5560c4837bf0ccdfc65ee9dea847.jpeg&tblci=GiAVdUH1_jvCv-QQ_lidXgto9Wr-dCBzOfNhqP3LEps7LSDJqD8o-Zmxurr0m-NT#tblciGiAVdUH1_jvCv-QQ_lidXgto9Wr-dCBzOfNhqP3LEps7LSDJqD8o-Zmxurr0m-NT
Title: Forge of Empires

Search URL Search Domain Scan URL

URL: https://blogs.oglobo.globo.com/bela-megale/post/lula-segue-cartilha-de-medicos-cubanos-sobre-covid-19.html
Title:

Search URL Search Domain Scan URL

URL: https://blogs.oglobo.globo.com/ancelmo/post/ministro-marco-aurelio-do-stf-pronto-para-deixar-hospital.html
Title:

Search URL Search Domain Scan URL

URL: http://k.ilius.net/?mtcmk=914124&fsid=086&utm_source=taboola&utm_term=editoraglobo-oglobo&utm_medium=display&utm_campaign=2251162&tblci=GiAVdUH1_jvCv-QQ_lidXgto9Wr-dCBzOfNhqP3LEps7LSDNskko0eOY3q-vqMzqAQ#tblciGiAVdUH1_jvCv-QQ_lidXgto9Wr-dCBzOfNhqP3LEps7LSDNskko0eOY3q-vqMzqAQ
Title: Lexa

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editoraglobo-oglobo&utm_medium=referral&utm_content=thumbs-hero-02:Below%20Page%20|%20Card%201:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: https://www.snelleofferte.nl/traplift-info/wat-kost-een-traplift/?utm_content=6627-im_294-ad_wat_kost_een_traplif-bs_re&utm_img=294-127-nrs-sta_gen-ma-nt-nb-not&utm_source=taboola&utm_medium=cpc&utm_campaign=sta_gen-2002614-de-pr-prp_compare_prices&utm_ctype=disp&utm_template=1004_vergelijk_sta_dec&utm_term=1212310#tblciGiAVdUH1_jvCv-QQ_lidXgto9Wr-dCBzOfNhqP3LEps7LSCFnUIo9dequfSchrjTAQ
Title: Snelleofferte.nl

Search URL Search Domain Scan URL

URL: https://www.pchelpsoft.net/pc-cleaner/nl/LP14.php?campaignid=TBL&tracking=PH_NL_TBL_1803_PCC&filter=editoraglobo-oglobo&keyword=1212310&clickid=GiAVdUH1_jvCv-QQ_lidXgto9Wr-dCBzOfNhqP3LEps7LSCfzE4ozu6sr7XRrqt1&tblci=GiAVdUH1_jvCv-QQ_lidXgto9Wr-dCBzOfNhqP3LEps7LSCfzE4ozu6sr7XRrqt1#tblciGiAVdUH1_jvCv-QQ_lidXgto9Wr-dCBzOfNhqP3LEps7LSCfzE4ozu6sr7XRrqt1
Title: pchelpsoft.net

Search URL Search Domain Scan URL

URL: http://www.gda.com/
Title: Logo GDA

Search URL Search Domain Scan URL

URL: http://www.agenciaoglobo.com.br/
Title: Agência O Globo

Search URL Search Domain Scan URL

URL: https://www.publicidadeeditoraglobo.com.br/
Title: Anuncie conosco

Search URL Search Domain Scan URL

URL: https://www.vagas.com.br/editoraglobo
Title: Trabalhe conosco

Search URL Search Domain Scan URL

URL: https://www.globo.com/privacidade.html
Title: Política de privacidade

Search URL Search Domain Scan URL

URL: https://privacidade.globo.com/
Title: Portal da Privacidade

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 152

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1616534062277&ns_c=UTF-8&cv=3.5&c8=Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%20-%20Jornal%20O%20Globo&c7=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1616534062277&ns_c=UTF-8&cv=3.5&c8=Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%20-%20Jornal%20O%20Globo&c7=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&c9=&cs_ak_ss=1

Request Chain 187

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 193

https://banner.boostbox.com.br/integrations/script.js?token=d9db2c245b71f526ae00e5c9 HTTP 301
https://banner.boostbox.com.br/integrations/script/d9db2c245b71f526ae00e5c9.js

Request Chain 227

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=83d70dd6-f68c-4145-a254-db72face5123 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=83d70dd6-f68c-4145-a254-db72face5123&tbid=c0b52878-d4e4-4cb0-857e-5d15a623604b-tuct753dfaf&query=taboola_hm%3D83d70dd6-f68c-4145-a254-db72face5123&isDirect=0

Request Chain 229

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=SS4Ui8qkIeHL&ev=1&orig=trc&pid=562107

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIUReWHoBzVDN79GNE1cjEg&google_cver=1

Request Chain 233

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c0b52878-d4e4-4cb0-857e-5d15a623604b-tuct753dfaf

Request Chain 234

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=11fe9fc1-0a68-4f67-80ac-3c2abfb51186

Request Chain 235

https://ce.lijit.com/merge?pid=42&3pid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 240

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=baeccf21-b3ef-43c5-b19c-13ef22510068

Request Chain 241

https://id5-sync.com/s/464/9.gif?puid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMODIWla6Y0gsB_RQssrR7fCUSQdPKJ_Ip5H_NydQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMODIWla6Y0gsB_RQssrR7fCUSQdPKJ_Ip5H_NydQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=f705165f-8000-4681-a938-e35a38336c42&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESED2bA8MjOnm3X6Izaz05WVg&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESED2bA8MjOnm3X6Izaz05WVg&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESED2bA8MjOnm3X6Izaz05WVg%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=949798523058985221&opid=apx&ops=&utidl=tech:goo:CAESED2bA8MjOnm3X6Izaz05WVg&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A16429287799&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/4/4.gif?puid=e3d79e8ee37d51462e105dd0230a02c5&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/3/5.gif?puid=01821c4a-0c8b-4dd8-bbb8-cb72b74fd351&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Request Chain 242

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=OwL2G0EhBeyKb_XRL1paYA

Request Chain 245

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=188&user_id=aykf4dM7SuFLYN5tJ6j1nLnUq0M&user_group=1&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e70ecfdf-3065-4cd6-9837-6fccec202996

Request Chain 274

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=bdf8be5d-8c1c-11eb-b1a4-1ac061c70406 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=bdf8be1d-8c1c-11eb-b1a4-1ac061c70406&orig=video&us_privacy=1---

Request Chain 275

https://ad.360yield.com/server_match?partner_id=1577gdpr=1&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=f705165f-8000-4681-a938-e35a38336c42

Request Chain 278

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=bdfb8739-8c1c-11eb-8181-1e8b65532806 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=bdfb8704-8c1c-11eb-8181-1e8b65532806&orig=video&us_privacy=1---

Request Chain 279

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 280

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 281

https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=caae8bc6-60f1-432a-896d-f94ba85a652a

Request Chain 288

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESENt_FISIwPBq4SKMo29XTd8&google_cver=1

Request Chain 289

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/9yuiaCLe87hlEZl4QWgBUw?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8388510146163247508

Request Chain 290

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d480605a-5a2f-4700-b107-42b8361fe7c2&gdpr=1&gdpr_consent=

Request Chain 291

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDg0M2MxMzU2OGQxMWQxOWYyYmQ3ZjQyYWMzYzA3NjkwNGExZDNhMw&gdpr=1&us_privacy=1---

Request Chain 294

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01NSU40WVYtWi05OTU4&gdpr=1&us_privacy=1---

Request Chain 295

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1--- HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1---&_test=YFpaMAAAAL1RzFZV HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFpaMAAAAL1RzFZV&gdpr=1&us_privacy=1---&_test=YFpaMAAAAL1RzFZV

309 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257 Show response
oglobo.globo.com/economia/ 64 KB
17 KB 212ms
211ms Document
text/html 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

5ad1ada905b63f51fad9ed28df01b250243411c0ac175bd63858b99fb27c2566

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: oglobo.globo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:14:07 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
X-Frame-Options: SAMEORIGIN
X-HashTwo: 24911257
Expires: 1616534057682
X-Mod-Pagespeed: Powered By mod_pagespeed
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
cache-control: max-age=10
xkey: 24911257
Age: 12
grace: none
X-Cache: HIT
X-Cache-Hits: 1
Accept-Ranges: bytes
Content-Length: 16890
Strict-Transport-Security: max-age=15768000
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

GET
H2 200 lgpd-lib.min.css
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 11 KB
2 KB 217ms
213ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.css
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2e53bbdf41db08d5017462fe9963a8ee505c7a8ff83756c5217635019a076465

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:20 GMT
content-encoding: gzip
x-openstack-request-id: txcbed4666fda44f7fa690f-00605a1d93
last-modified: Wed, 24 Feb 2021 17:18:00 GMT
x-thanos: 0A823005
vary: Accept-Encoding, Origin
content-type: text/css; charset=utf-8
x-timestamp: 1614187079.15655
cache-control: public, max-age=86400
x-trans-id: txcbed4666fda44f7fa690f-00605a1d93
x-request-id: ca5b96d6-1c6d-4095-a7d2-3a9b9888f89c

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
19 KB 35ms
31ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

eec41df109696ad2ad9731a3efd28e1f828a6deef6a5a066b0fdf2b69d1adba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "821 / 476 of 1000 / last-modified: 1616520551"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19822
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:14:20 GMT

GET
H/1.1 200
OK intersection-observer.min.js.pagespeed.ce.ShlE4LChN5.js Show response
ogjs.infoglobo.com.br/117/scripts/polyfills/ 7 KB
3 KB 624ms
207ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/polyfills/intersection-observer.min.js.pagespeed.ce.ShlE4LChN5.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

5da1b7de6689ca5f3bd142b9810450d30f13ff29781ae85e91dc34603762d34c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 6991
Age: 3656158
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 2380
Last-Modified: Fri, 05 Feb 2021 17:05:36 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Feb 2022 13:38:21 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 3821236

GET
H/1.1 200
OK webcomponents.min.js.pagespeed.ce.7rgEVgN3mL.js Show response
ogjs.infoglobo.com.br/117/scripts/polyfills/ 276 B
750 B 638ms
214ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/polyfills/webcomponents.min.js.pagespeed.ce.7rgEVgN3mL.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

d757fca93bda8aa28c406d9965974769403dad2dce62fd929d5210fbd5a78679

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 17:49:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 276
Age: 2518025
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 204
Last-Modified: Wed, 17 Feb 2021 17:51:58 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Tue, 22 Feb 2022 17:49:33 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 2632692

GET
H/1.1 200
OK site-header.min.js.pagespeed.ce.JbRY4NOB-4.js Show response
ogjs.infoglobo.com.br/117/scripts/ 2 KB
1 KB 212ms
211ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/site-header.min.js.pagespeed.ce.JbRY4NOB-4.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

16b115bf807aeaa56608f4fc894e997c4b27baa0e5f438343ea86c2cef92b4b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 2375
Age: 3656155
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 670
Last-Modified: Fri, 05 Feb 2021 17:05:38 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Feb 2022 13:38:25 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 3599352

GET
H/1.1 200
OK smartbanner.min.js.pagespeed.ce.CODpamhBvy.js Show response
ogjs.infoglobo.com.br/117/scripts/ 710 B
974 B 212ms
211ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/smartbanner.min.js.pagespeed.ce.CODpamhBvy.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

453211aa18a9b872c4085dc146af073e8b80f9163fbe61bbaebdc072b2f961a5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 710
Age: 3656163
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 429
Last-Modified: Fri, 05 Feb 2021 17:05:38 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Feb 2022 13:38:18 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 2671338

GET
H/1.1 200
OK advertising.min.js.pagespeed.ce.afl184AGZJ.js Show response
ogjs.infoglobo.com.br/117/scripts/ 5 KB
2 KB 212ms
212ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/advertising.min.js.pagespeed.ce.afl184AGZJ.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

f28d450e9e78470ffbc658f02741baacbaa9f343c2947c662a652e88528e98c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 17:49:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 4831
Age: 2518028
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1483
Last-Modified: Wed, 17 Feb 2021 17:51:56 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Tue, 22 Feb 2022 17:49:31 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 2694871

GET
H/1.1 200
OK video-player.min.js.pagespeed.ce.16r0dwCjyk.js Show response
ogjs.infoglobo.com.br/117/scripts/ 2 KB
1 KB 624ms
208ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/video-player.min.js.pagespeed.ce.16r0dwCjyk.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

4097ee4cddc31a4bf077ec1b782e05cf34d1d2566361bf2a1772d31eddcbfa23

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 1730
Age: 3656162
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 631
Last-Modified: Fri, 05 Feb 2021 17:05:38 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Feb 2022 13:38:18 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 3660214

GET
H/1.1 200
OK lazy.min.js.pagespeed.ce.anRMxqLKra.js Show response
ogjs.infoglobo.com.br/117/scripts/ 518 B
862 B 211ms
211ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/lazy.min.js.pagespeed.ce.anRMxqLKra.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

260a9cc706f3cc9209f92eb65122df1c9d32b1cb32493712bc60989718a37017

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 518
Age: 3656163
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 317
Last-Modified: Fri, 05 Feb 2021 17:05:36 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Feb 2022 13:38:17 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 3817234

GET
H/1.1 200
OK photo-gallery-inline.min.js.pagespeed.ce._oNKisBGPT.js Show response
ogjs.infoglobo.com.br/117/scripts/ 1 KB
1 KB 625ms
207ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/photo-gallery-inline.min.js.pagespeed.ce._oNKisBGPT.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

3cc9c5ae79a86e309ecd7449cc98ca9358a1d3478bd754a51ba41a6486b4ee28

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 1315
Age: 3656159
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 583
Last-Modified: Fri, 05 Feb 2021 17:05:36 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Feb 2022 13:38:21 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 3512538

GET
H/1.1 200
OK list-gallery-inline.min.js.pagespeed.ce._rPzMA7-rd.js Show response
ogjs.infoglobo.com.br/117/scripts/ 1 KB
1 KB 634ms
212ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/list-gallery-inline.min.js.pagespeed.ce._rPzMA7-rd.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

9663008b21ba661df31ff7888fdaec7c7e5cfd876c0d230ffffa4f58bc85315a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:41:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 1410
Age: 3656160
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 629
Last-Modified: Fri, 05 Feb 2021 17:05:36 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Feb 2022 13:41:11 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 3188073

GET
H/1.1 200
OK newsletter.min.js.pagespeed.ce.LQE07pqBEl.js Show response
ogjs.infoglobo.com.br/117/scripts/ 4 KB
2 KB 634ms
212ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/newsletter.min.js.pagespeed.ce.LQE07pqBEl.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

61bf79f76f519f671811efe14b27ddc95e10b9af03cca47512d6a26a987d06eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 4205
Age: 3656163
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1277
Last-Modified: Fri, 05 Feb 2021 17:05:36 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Feb 2022 13:38:17 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 3633504

GET
H/1.1 200
OK article-feed.min.js.pagespeed.ce.CAlrg55eqe.js Show response
ogjs.infoglobo.com.br/117/scripts/ 4 KB
2 KB 637ms
212ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/article-feed.min.js.pagespeed.ce.CAlrg55eqe.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

0275573708ed4d4c58b9aedcc75dab8ec454af5ae5d5528bc0a0a6b0656febdd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 3874
Age: 3656162
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1333
Last-Modified: Fri, 05 Feb 2021 17:05:36 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Feb 2022 13:38:18 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 3279576

GET
H/1.1 200
OK comments.min.js.pagespeed.ce.uCPSA8I_3M.js Show response
ogjs.infoglobo.com.br/117/scripts/ 3 KB
2 KB 637ms
212ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/comments.min.js.pagespeed.ce.uCPSA8I_3M.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

68a2f5408e23fff3191107403382d049267063746287597c031f03363b07d347

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 3145
Age: 3656159
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1130
Last-Modified: Fri, 05 Feb 2021 17:05:36 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Feb 2022 13:38:21 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 3158648

GET
H/1.1 200
OK article.min.css.pagespeed.ce.mtLI9fNgQv.css
ogcss.infoglobo.com.br/114/styles/ 106 KB
16 KB 624ms
208ms Stylesheet
text/css 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogcss.infoglobo.com.br/114/styles/article.min.css.pagespeed.ce.mtLI9fNgQv.css

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

a584112c99f122716818890312c69c444ae9548a266613122e6519c9696ae58b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 12:24:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 108216
Age: 2883126
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 15705
Last-Modified: Wed, 17 Feb 2021 17:51:50 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Expires: Fri, 18 Feb 2022 12:24:43 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 2329616

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 15ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC5) /
Resource Hash: 0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:14:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:22:22 GMT
Server: ECS (amb/6BC5)
Age: 726
Etag: "965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29026

GET
H/1.1 200
OK tiny.js Show response
static.infoglobo.com.br/paywall/js/ 168 KB
35 KB 632ms
210ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 074e49072fb7b95866451c62f6ae142cc9f3a61523ec54cd62e0af1bcfb1ed8d

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:08:39 GMT
Content-Encoding: gzip
Age: 407
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 35020
Last-Modified: Tue, 23 Mar 2021 15:09:04 GMT
Server: Apache
ETag: "a04c45ab-29f48-5be35901e4400"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 4527

GET
H/1.1 200
OK infg_id_globoid.js Show response
ogjs.infoglobo.com.br/plataforma/js/117/minificados/autenticacao/ 7 KB
3 KB 635ms
212ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/plataforma/js/117/minificados/autenticacao/infg_id_globoid.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

20db0c3bf43a575df4a5994bd255ba98995de504caf4e42bf69c4099322c570d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656157
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 2567
Last-Modified: Fri, 18 Dec 2020 15:27:58 GMT
Server: Apache
ETag: W/"7107-1608305278000-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 3395392

GET
H/1.1 200
OK onesignal.js.pagespeed.ce.uaeqHGs6RK.js Show response
ogjs.infoglobo.com.br/117/scripts/ 639 B
865 B 211ms
211ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/onesignal.js.pagespeed.ce.uaeqHGs6RK.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

b58e022100b6ae68908b62f2edd7138fb33b2c7c43eaf7fd574ff72e2d2f1895

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 639
Age: 3656163
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 320
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Feb 2022 13:38:18 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 3835606

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/ 110 KB
25 KB 29ms
27ms Script
application/x-javascript 23.37.56.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.56.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-56-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: de801a6f991d316f47266c418f572a480f52ef28c983cb1f1049f58d7559b180

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:20 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 19:19:57 GMT
server: AkamaiNetStorage
etag: "d7e5de2927385fdfd873708ca5bbdcc2:1616527196.860381"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 24958
expires: Tue, 23 Mar 2021 21:19:20 GMT

GET
H/1.1 200
OK WhitmanDisplayCond-ExtraBold.woff
ogcss.infoglobo.com.br/114/font/ 25 KB
26 KB 630ms
211ms Font
application/font-woff 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogcss.infoglobo.com.br/114/font/WhitmanDisplayCond-ExtraBold.woff

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

090240ec0c1e2cad051eb931eaca0bb7f30a9c0e52c9cc727dc86aa0160a9810

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 12:22:14 GMT
Content-Encoding: gzip
Age: 2883126
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 25625
Last-Modified: Wed, 17 Feb 2021 17:50:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0457bf2-6514-5bb8bda9b1c80"
Vary: Accept-Encoding
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 2617571

GET
H/1.1 200
OK utilGTM.js.pagespeed.ce.0QE705dSjY.js Show response
ogjs.infoglobo.com.br/9876543210/js/include/ 2 KB
1 KB 636ms
212ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/9876543210/js/include/utilGTM.js.pagespeed.ce.0QE705dSjY.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

7563541499e034f86ffe7537dc7ee368729ae7273a76525ea85666659ebd9aa1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 15:37:36 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Original-Content-Length: 1821
Age: 4253804
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 636
Last-Modified: Thu, 28 Jan 2021 16:24:20 GMT
Server: Apache
Etag: W/"0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 02 Feb 2022 15:37:36 GMT
cache-control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 4032093

GET
H/1.1 200
OK autenticacao.js Show response
oglobo.globo.com/plataforma/js/117/minificados/cadastro/ 5 KB
3 KB 211ms
211ms Script
text/javascript 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/plataforma/js/117/minificados/cadastro/autenticacao.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

0b57ae004a5c9c85e175d027c7a2f15c2a0fd6dd39bb538fd1230119511544aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:20 GMT
Content-Encoding: gzip
Age: 3656159
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 1714
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 18 Dec 2020 15:27:58 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: W/"5272-1608305278000-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 1310505

GET
H2 200 lgpd-lib.min.js Show response
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 46 KB
15 KB 217ms
215ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.js
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 655e8547a0f057f68c1a3bbe78d65bcdaee6bc402814d11e3b6fc1da6e0d9dfc

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-openstack-request-id: txd8f3d655745a4d80b9710-00605a2361
last-modified: Wed, 24 Feb 2021 17:18:00 GMT
x-thanos: 0A823005
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-timestamp: 1614187079.14110
cache-control: public, max-age=86400
x-trans-id: txd8f3d655745a4d80b9710-00605a2361
x-request-id: 857d7909-ea1e-444a-979e-8b4a69fe3706

GET
H3-Q050 200 pubads_impl_2021031701.js Show response
securepubads.g.doubleclick.net/gpt/ 285 KB
100 KB 34ms
32ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 08:39:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102424
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:14:21 GMT

GET
H/1.1 200
OK player-fb.js Show response
ogjs.infoglobo.com.br/117/scripts/modules/player/ 3 KB
1 KB 214ms
212ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/modules/player/player-fb.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

c97f73c766e717d6cd3f5f361b965072347db7d8130231f641d7e327b9ebaab6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/video-player.min.js.pagespeed.ce.16r0dwCjyk.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656159
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 993
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a057dad3-c93-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 3659918

GET
H/1.1 200
OK player-youtube.js Show response
ogjs.infoglobo.com.br/117/scripts/modules/player/ 4 KB
2 KB 213ms
212ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/modules/player/player-youtube.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

0def64e72f1672682ec354455902da3da696b47b666312e6b527cd1bc338abc5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/video-player.min.js.pagespeed.ce.16r0dwCjyk.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656162
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1163
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a063ed5b-e52-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 3774162

GET
H/1.1 200
OK player-gcom.js Show response
ogjs.infoglobo.com.br/117/scripts/modules/player/ 3 KB
1 KB 212ms
210ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/modules/player/player-gcom.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

f7211af27ad06f36979ee7affa38ccc69a3606d0c817fba38c95b1a86f386249

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/video-player.min.js.pagespeed.ce.16r0dwCjyk.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656162
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 863
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a0535551-c5a-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 3733183

GET
H/1.1 200
OK observer.js Show response
ogjs.infoglobo.com.br/117/scripts/ 826 B
834 B 212ms
210ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/observer.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

aab86aae5b6c16c1f933242f51b0a0f2b271c8ce121cbf1c4ab26992a371098f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/video-player.min.js.pagespeed.ce.16r0dwCjyk.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:41:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656156
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 341
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a047e082-33a-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 3650406

GET
H/1.1 200
OK gallery-inline.js Show response
ogjs.infoglobo.com.br/117/scripts/modules/gallery/ 2 KB
1 KB 209ms
207ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/modules/gallery/gallery-inline.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

a458f23b677473bc3c451f9ad5c787833d1e3184e0f619ca9cef54920d834250

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/photo-gallery-inline.min.js.pagespeed.ce._oNKisBGPT.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656157
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 716
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a050eb63-8e2-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 3306931

GET
H/1.1 200
OK newsletter-success.js Show response
ogjs.infoglobo.com.br/117/scripts/templates/ 465 B
754 B 210ms
207ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/templates/newsletter-success.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

a28e50349ea796322ab3a962bb46e8ab067021cc1fca46f44b5c97848b41be93

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/newsletter.min.js.pagespeed.ce.LQE07pqBEl.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656156
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 261
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a05fa080-1d1-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 3588618

GET
H/1.1 200
OK feed.js Show response
ogjs.infoglobo.com.br/117/scripts/templates/ 1 KB
1 KB 417ms
207ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/templates/feed.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

4f6253ed8b2f2cd1c583b8a2c00c48773bc3499348fb5ffcf88623d355e6fbfa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/article-feed.min.js.pagespeed.ce.CAlrg55eqe.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656155
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 536
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a060a856-59a-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 3091590

GET
H/1.1 200
OK advertising.js Show response
ogjs.infoglobo.com.br/117/scripts/templates/ 964 B
770 B 418ms
208ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/templates/advertising.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

e12ea3b76e382cfd15e2a3f112d6058bcf90251ad065272df99d0f5de3f65748

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/article-feed.min.js.pagespeed.ce.CAlrg55eqe.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656160
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 277
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a0532e29-3c4-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 3184853

GET
H/1.1 200
OK feed-image.js Show response
ogjs.infoglobo.com.br/117/scripts/templates/feed/ 291 B
683 B 423ms
210ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/templates/feed/feed-image.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

cf66b61bca0510837aaa251ca481767532561126a23c8b88933f6845a38e4adf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/article-feed.min.js.pagespeed.ce.CAlrg55eqe.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656162
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 190
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a0525e4d-123-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 3208717

GET
H/1.1 200
OK feed-author.js Show response
ogjs.infoglobo.com.br/117/scripts/templates/feed/ 105 B
604 B 425ms
210ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/templates/feed/feed-author.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

2c1d53dcc4196b860fe5e16e9d68225516aec542a6cc88037b1b01d9cfac5abb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/article-feed.min.js.pagespeed.ce.CAlrg55eqe.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656161
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 112
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a04d7044-69-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 3115111

GET
H/1.1 200
OK feed-esp-pub.js Show response
ogjs.infoglobo.com.br/117/scripts/templates/feed/ 127 B
626 B 426ms
211ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/templates/feed/feed-esp-pub.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

0ca03ba5e62191cd4b02e7d50fab01d9aea80eb989c28f14037ae858d3b64e34

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/article-feed.min.js.pagespeed.ce.CAlrg55eqe.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656159
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 134
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a035bdc1-7f-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 3162494

GET
H/1.1 200
OK feed-exclusive.js Show response
ogjs.infoglobo.com.br/117/scripts/templates/feed/ 326 B
720 B 427ms
211ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/templates/feed/feed-exclusive.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

84679104ae5c944ae050cbc63a766e7fc5fd6b452b52bd43eb1409a09e1abe4f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/article-feed.min.js.pagespeed.ce.CAlrg55eqe.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656159
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 227
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a0327541-146-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 3128166

GET
H/1.1 200
OK login.js Show response
ogjs.infoglobo.com.br/117/scripts/ 3 KB
1 KB 625ms
208ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/login.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

e757b70cd73e6395853158e41ac29165458caaa29fc7bfa35df8f56d0e890683

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/comments.min.js.pagespeed.ce.uCPSA8I_3M.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656162
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1011
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a0118b6e-aac-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 3107569

GET
H/1.1 200
OK comment.js Show response
ogjs.infoglobo.com.br/117/scripts/ 2 KB
1 KB 625ms
208ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/comment.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

617ad6cb6673e4c4b16a3e052460545087268544bc48bcedc73c1da3d57ef2b8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/comments.min.js.pagespeed.ce.uCPSA8I_3M.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656160
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 742
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a059f5ab-95b-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 3159337

GET
H/1.1 200
OK comment-form.js Show response
ogjs.infoglobo.com.br/117/scripts/ 6 KB
2 KB 632ms
210ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/comment-form.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

51af72617c6b7e3c7f630205a43d8a4b48bf5218649e3ba43c57f2dc86fc839d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/comments.min.js.pagespeed.ce.uCPSA8I_3M.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656159
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1460
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a036c14b-1621-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 3158678

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 238 KB
64 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54BR4R

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf6e8e99637ae7b71cd78cc5d62076b6f9816f14651352e715f6c0418cfe6985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65668
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:14:21 GMT

GET
H2 200 profiling.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/ 95 KB
29 KB 415ms
415ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2c2b580e6548a93a351691b595d7e5d17db4e3a757365e263fd5843c4e2666de

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-openstack-request-id: tx48c523f654b1405bbf49e-00605a59ca
last-modified: Mon, 08 Mar 2021 16:59:22 GMT
x-thanos: 0A823005
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1615222761.46405
cache-control: public, max-age=180
x-trans-id: tx48c523f654b1405bbf49e-00605a59ca
x-request-id: 0921289d-8455-4ca3-a4d2-573b2b67d54e

GET
H2 200 tm13574.js Show response
tag.navdmp.com/ 16 KB
5 KB 19ms
19ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13574.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23b7ebc89f2b130802fc2dbcfe5d9fbe743a2b80e4f74c231614987aa64a4b2a

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2001
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 090289584a0000646d4c2bf000000001
last-modified: Mon, 06 Apr 2020 21:16:47 GMT
server: cloudflare
etag: W/"5e8b9c3f-41e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 634aab3a09c4646d-FRA
expires: Tue, 23 Mar 2021 21:41:00 GMT

GET
H/1.1 200
OK 15688_oglobo.js Show response
ads.rubiconproject.com/prebid/ 240 KB
75 KB 24ms
23ms Script
text/javascript 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 605cb426f0098adc4f55d04db37e8c0e35ad11643ed6bf4e81bc078216536ff1

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:14:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 20:47:29 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=4474
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76784
Expires: Tue, 23 Mar 2021 22:28:55 GMT

GET
H2 200 horizon-common-hit.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 40 KB
14 KB 598ms
598ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 5d90a69886e42a4e9f0846d4c1f9f23dcdc75408c46d2b846ec126767cd67a1a

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-openstack-request-id: tx9300722eeaa2420ea9f51-00605a5389
last-modified: Mon, 22 Feb 2021 20:44:40 GMT
x-thanos: 0A823005
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1614026679.84797
cache-control: max-age=86400
x-trans-id: tx9300722eeaa2420ea9f51-00605a5389
x-request-id: f0129350-4623-4936-bec9-555353a6dccb

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 211ms
211ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=201810192058

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 885032565 al25 39 03
age: 1628
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: 0cab89ce-0ddd-4afe-8725-42495f8cfd94
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0A821C04
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Tue, 23 Mar 2021 21:47:13 GMT

GET
H/1.1 200
OK logos.svg
oglobo.globo.com/103/images/ 51 KB
22 KB 211ms
211ms Other
image/svg+xml 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/103/images/logos.svg

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

4e64dc454c64e5e966049acaf2927518c4ca3780ebc5f317c9fe3675f3f95484

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 12:44:23 GMT
Content-Encoding: gzip
Age: 3573167
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 21293
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 05 Feb 2021 17:05:12 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a0426124-cae7-5ba99d2be4200"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 1621526

GET
H/1.1 200
OK icons.svg
oglobo.globo.com/103/images/ 18 KB
7 KB 621ms
210ms Other
image/svg+xml 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/103/images/icons.svg

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

4dc5c62e82198cbd8f0c6b014cb781090362a7261727e4e94af67d4530c2fdcf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 12:42:24 GMT
Content-Encoding: gzip
Age: 3573117
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 6187
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 05 Feb 2021 17:05:10 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a042fd33-49b0-5ba99d29fbd80"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 1622187

GET
H/1.1 200
OK article.svg
oglobo.globo.com/103/images/ 16 KB
5 KB 635ms
215ms Other
image/svg+xml 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/103/images/article.svg

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

ce3cd6ca8329615550e0d1a11922eaf81e1adbcd7b9e778cd5c35a3f24c0bf2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 12:42:22 GMT
Content-Encoding: gzip
Age: 3573119
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 4675
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 05 Feb 2021 17:05:10 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a0091926-405d-5ba99d29fbd80"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 1081932

GET
H/1.1 200
OK o-yellow.svg
ogcss.infoglobo.com.br/images/src/assets/ 291 B
680 B 207ms
207ms Image
image/svg+xml 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogcss.infoglobo.com.br/images/src/assets/o-yellow.svg

Requested by

Host: ogcss.infoglobo.com.br
URL: https://ogcss.infoglobo.com.br/114/styles/article.min.css.pagespeed.ce.mtLI9fNgQv.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

eb9773e5213a5136d7c72fe6937ee8eb47d890cd304a480d0302a4f693d5f8b8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ogcss.infoglobo.com.br/114/styles/article.min.css.pagespeed.ce.mtLI9fNgQv.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Feb 2021 19:27:45 GMT
Content-Encoding: gzip
Age: 3721769
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 194
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a062dbf3-123-5ba99cddb0980"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 3263619

GET
H/1.1 200
OK WhitmanDisplayCond-ExtraBold.woff
ogcss.infoglobo.com.br/font/ 25 KB
26 KB 211ms
209ms Font
application/font-woff 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogcss.infoglobo.com.br/font/WhitmanDisplayCond-ExtraBold.woff

Requested by

Host: ogcss.infoglobo.com.br
URL: https://ogcss.infoglobo.com.br/114/styles/article.min.css.pagespeed.ce.mtLI9fNgQv.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

090240ec0c1e2cad051eb931eaca0bb7f30a9c0e52c9cc727dc86aa0160a9810

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogcss.infoglobo.com.br/114/styles/article.min.css.pagespeed.ce.mtLI9fNgQv.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 13:58:42 GMT
Content-Encoding: gzip
Age: 4000538
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 25625
Last-Modified: Thu, 28 Jan 2021 16:24:20 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a04f1e87-6514-5b9f851dcb500"
Vary: Accept-Encoding
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 3372744

GET
H/1.1 200
OK xhacking-1685092_1280.jpg.pagespeed.ic.9xcDmPuB6Z.jpg
ogimg.infoglobo.com.br/in/24911282-108-3f3/FT1086A/ 81 KB
80 KB 213ms
213ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/24911282-108-3f3/FT1086A/xhacking-1685092_1280.jpg.pagespeed.ic.9xcDmPuB6Z.jpg

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

e611b3761183e4c4c2ed014d8151f053f43de00db700287377417df654ca1485

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 12:53:33 GMT
Content-Encoding: gzip
X-Original-Content-Length: 85587
Age: 1326047
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
X-Cache-Hits: 65
Connection: Keep-Alive
Link: <https://ogimg.infoglobo.com.br/in/24911282-108-3f3/FT1086A/hacking-1685092_1280.jpg>; rel="canonical"
Last-Modified: Mon, 08 Mar 2021 12:38:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31536000, no-transform, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Tue, 08 Mar 2022 12:38:34 GMT

GET
H/1.1 200
OK Logger
analysis.infoglobo.com.br/analysis-logger/ 42 B
189 B 631ms
208ms Image
image/gif 131.0.25.211
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analysis.infoglobo.com.br/analysis-logger/Logger?rt=1&ctxId=2270&pubId=425472&cat=economia&meta=read-materia&objId=24911257&type=article&title=Dez+milh%c3%b5es+de+senhas+de+brasileiros+s%c3%a3o+expostas+em+megavazamento+global&url=https%3a%2f%2foglobo.globo.com%2feconomia%2fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&clientDT=1616534061227
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.0.25.211 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-211.prt.globo.com
Software: Apache-Coyote/1.1 /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:14:21 GMT
Server: Apache-Coyote/1.1
Connection: close
Content-Length: 42
Content-Type: image/gif

GET
H2 200 usr Show response
usr.navdmp.com/ 76 B
288 B 144ms
143ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 084ed547b50032cc86e707cc5d21a3e0fcde20ae4bec1c16d783ce1e7f288bf9

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 634aab3b7a3a646d-FRA
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
cf-request-id: 09028959290000646d5e1d8000000001
expires: Tue, 23 Mar 2021 22:14:21 GMT

GET
H/1.1 200
OK gallery.js Show response
ogjs.infoglobo.com.br/117/scripts/modules/gallery/ 6 KB
2 KB 342ms
211ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/modules/gallery/gallery.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

1c01922a91ba20f51233415617a84bf8a9428d435209a3652885d2ed2a5a0a51

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/modules/gallery/gallery-inline.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656163
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1439
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a03e057e-1852-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 3676424

GET
H/1.1 200
OK player.js Show response
ogjs.infoglobo.com.br/117/scripts/modules/player/ 1 KB
1 KB 345ms
212ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/modules/player/player.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

841c35c906471ee846da36387953cacea70508642db6435125f050cc1ca5552d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/modules/player/player-gcom.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656162
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 562
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a06534e4-5a9-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 3674266

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
830 B 6ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210323

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3042a8fdefa74cb852cea02334627e300052c0caefb629ebdefedac6af6bc434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 36664
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 761
etag: W/"540-/BivonAY4PMSLQGyExBletihISc"
x-served-by: cache-fra19157-FRA, cache-hhn4051-HHN
date: Tue, 23 Mar 2021 21:14:21 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54BR4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4306
date: Tue, 23 Mar 2021 20:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Mar 2021 22:02:35 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 35 KB
14 KB 33ms
32ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54BR4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

4389b6324bc268e491e848bda6ed79bced0dfd27eed8a3bba5064ce8dc31607c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13767
x-xss-protection: 0
server: cafe
etag: 4700590750665290582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 21:14:21 GMT

GET
H2 200 hotjar-83015.js Show response
static.hotjar.com/c/ 4 KB
2 KB 26ms
25ms Script
application/javascript 13.226.159.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-83015.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54BR4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-100.dus51.r.cloudfront.net

Software

Resource Hash

848671de5f4be979d9bf84202ea17a37b0d04331ddca386a9d89a276d2527a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 26
etag: W/8ac8889de26de5a49b0570aae1afcf5a
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: DUS51-C1
content-length: 1600
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
x-amz-cf-id: 8G_gfUmrPhU5eb-SXkMd_JI1kD4pG29fIXO-j7kTcRqqbwLkbteCag==

GET
H2 200 ivc.js Show response
gadasource.storage.googleapis.com/ 71 KB
24 KB 7ms
7ms Script
text/plain 2a00:1450:4001:827::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gadasource.storage.googleapis.com/ivc.js
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:42:33 GMT
content-encoding: gzip
age: 1908
x-guploader-uploadid: ABg5-UzN5ZosAARpk9fPRGMG81bGs56MkLtUkV3lq6VABXk5wvopjLf4_xZvxgWc4zKVmEdWO6Ximfi9RO2iuJAgi7I
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24321
last-modified: Mon, 02 Sep 2019 19:50:51 GMT
server: UploadServer
etag: "cdaa61cbc24c48191196b45b31a7e18b"
vary: Accept-Encoding
x-goog-hash: crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
x-goog-generation: 1567453851562424
cache-control: public, max-age=3600
x-goog-stored-content-length: 24321
accept-ranges: bytes
content-type: text/plain
expires: Tue, 23 Mar 2021 21:42:33 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66955b5087d6bed94ec817454ae7b1a4933a9fd7e080057db23a979c00807c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gCHIf36e7gANMRew9Np0zQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2118
x-fb-rlafr: 0
x-fb-debug: jNeX3PUB2IdD+gprnpypRJEaKe524LwMbRUPZsS93ehTiIrQIngMxNC172nBXVVj9usihJKyBfVpjxjQvqRXAg==
x-fb-trip-id: 686109401
x-fb-content-md5: 7d67bc49f1d8e800362633d66a4358aa
x-frame-options: DENY
etag: "8e6ea3d0be35e26a15885ad6aa086b7d"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 21:16:29 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

5 KB
2 KB

25ms
24ms

Script
application/javascript

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 74847
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1616534062.585319,VS0,VE0
x-served-by: cache-fra19154-FRA

Redirect headers

x-tw-cdn: VZ
Date: Tue, 23 Mar 2021 21:14:21 GMT
Server: ECS (amb/6BC1)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Content-Length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: J4U6fLfHaBIxx+jnxgX8FEsAgM7P35FI/wHAu/PIGkPLaHRChc3vu8mIWT75zJxjCudL6Fu7J0R0Sb9TMXW6zg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 23 Mar 2021 21:14:21 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 2v84n8g15c1895dv.js Show response
cdn.petametrics.com/ 163 KB
56 KB 61ms
30ms Script
application/javascript 146.88.138.85
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/2v84n8g15c1895dv.js?ts=449037
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.88.138.85 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 971a68b3449c49ae5cda00d562c132ec945d7d57d065f53b8e694c831d69cc40

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:14:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Feb 2021 06:28:41 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: B367E77P2NE1BF36
ETag: W/"cbfd91b4b9f9ca8b2f06aa463d5313af"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
x-amz-version-id: 9Bj1GTVk.gg.49cCDoK3.IZ_7Ko2oTsi
x-amz-id-2: cgKvgVzLZSqekIOx1R7DMpctlIQ6WqZkvSaHIfsji70RTpnS0CwDYyhKwRDh7TmC6FTyekrtvbQ=
Expires: Tue, 30 Mar 2021 21:14:21 GMT

GET
H2 200 init.js Show response
api.deep.bi/v3/ 67 KB
20 KB 27ms
24ms Script
application/javascript 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v3/init.js
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5994a2619dd3523146b0f5d13fc32f78bd6b71d8a8b0cd4552a36020c0abe32b

Request headers

Origin: https://oglobo.globo.com
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3598
x-rgn: lb04-agwc01.prod-deep.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-if-error=3600
x-server: tr14-aneu01.prod-deep.com
access-control-allow-credentials: true
cf-ray: 634aab3cdb17073e-FRA
cf-request-id: 0902895a060000073e1123f000000001

GET
H2 200 horizon-client-js.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 11 KB
4 KB 214ms
214ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=201810192058
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-openstack-request-id: txab20bdad644f4088956a0-00605a5878
last-modified: Fri, 13 Nov 2020 17:21:38 GMT
x-thanos: 0A823005
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1605288097.88717
cache-control: public, max-age=600
x-trans-id: txab20bdad644f4088956a0-00605a5878
x-request-id: 5e881d4c-51d2-4bf7-9e6a-25c89ae051e1

GET
H2 200 utag.1.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/ 5 KB
2 KB 22ms
22ms Script
application/x-javascript 23.37.56.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.1.js?utv=202010011440
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.56.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-56-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0d3e1ab21a8c565d63e5edb8d9f9286c110271f186ae66a10628cd0f5a3ae48a

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2021 14:46:46 GMT
server: AkamaiNetStorage
etag: "f73faab6583a0a4ea76cad6d8afae870:1610117206.504166"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1996
expires: Wed, 07 Apr 2021 21:14:21 GMT

GET
H2 200 utag.159.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/ 1 KB
927 B 22ms
22ms Script
application/x-javascript 23.37.56.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.159.js?utv=201911252026
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.56.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-56-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a7c39868fc1fc707911067e2198b65860f351942aa5fdca625d52b24de8545bb

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2021 14:46:45 GMT
server: AkamaiNetStorage
etag: "cc2306e0f9a6ea18b631d36b225520c0:1610117205.684899"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 698
expires: Wed, 07 Apr 2021 21:14:21 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
162 B 14ms
14ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://oglobo.globo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
91 B 14ms
14ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://oglobo.globo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 17ms
14ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-51216819-1&cid=241461513.1616534062&jid=1660995180&gjid=1830163028&_gid=1971791220.1616534062&_u=YGBAgEABAAQCAE~&z=347423285

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Mar 2021 21:14:21 GMT
content-type: text/plain
access-control-allow-origin: https://oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 7ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=510178251&t=pageview&_s=1&dl=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&ul=en-us&de=UTF-8&dt=Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%20-%20Jornal%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAQC~&jid=1660995180&gjid=1830163028&cid=241461513.1616534062&tid=UA-51216819-1&_gid=1971791220.1616534062&gtm=2wg3h054BR4R&tc=x&cd1=24911257&cd2=&cd3=megavazamento%20de%20senhas&cd4=20210305&cd5=16&cd6=&cd7=Andr%C3%A9%20Machado%20e%20Carolina%20Br%C3%ADgido&cd8=&cd9=Materia&cd10=N%C3%A3o&cd11=14&cd12=0&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd45=(direto%2Findefinido)&cd46=viral&cd60=N%C3%A3o&cd82=desktop&cd83=Andr%C3%A9%20Machado&cd52=241461513.1616534062&z=599281671

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 02:41:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1064234515/ 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064234515/?random=1616534061579&cv=9&fst=1616534061579&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&ig=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&tiba=Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%20-%20Jornal%20O%20Globo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bddafdc733df0484df8781cdf65cb202ddbba45a673be66993c85f20b373f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1151
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/984971963/ 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984971963/?random=1616534061582&cv=9&fst=1616534061582&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&ig=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&tiba=Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%20-%20Jornal%20O%20Globo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3532368672f2dd90d43874177bbfd3996d3b543a61954b6161551d0e64c4ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1150
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-51216819-1&cid=241461513.1616534062&jid=1660995180&_u=YGBAgEABAAQCAE~&z=1049118350

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-51216819-1&cid=241461513.1616534062&jid=1660995180&_u=YGBAgEABAAQCAE~&z=1049118350

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=705216002929827&ev=PixelInitialized&dl=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&rl=&if=false&ts=1616534061620

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 21:14:21 GMT

GET
H2 200 modules.80e35cdf321570eb5b34.js Show response
script.hotjar.com/ 217 KB
58 KB 25ms
25ms Script
application/javascript 13.226.159.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.80e35cdf321570eb5b34.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-83015.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-122.dus51.r.cloudfront.net

Software

Resource Hash

9cd92ccf84ca6c2adcb7691de026ae46f47632e344b71ee6e08c43f38f0a59f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 471014
x-cache: Hit from cloudfront
content-length: 58627
access-control-allow-origin: *
last-modified: Thu, 18 Mar 2021 10:23:26 GMT
etag: "4a7c1a7cb16c5ef7e63405bd6f9a943a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: NA1ouQzydZTkwKQ-2nIj8RcZFUhlAuRhopzfBClRY_uy-HkxPIZDww==

GET
H/1.1 200
OK util.js Show response
ogjs.infoglobo.com.br/117/scripts/ 843 B
875 B 212ms
212ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/util.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

3e08a640ef9883ed1ca227f5b6c8507b8d160c4b776eb4c3fd1643c46ba202de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/login.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:41:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656161
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 382
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a03b76a5-34b-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 3106021

GET
H/1.1 200
OK comment.js Show response
ogjs.infoglobo.com.br/117/scripts/templates/ 753 B
831 B 212ms
211ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/templates/comment.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

875ff40dceb5fcc7db6c433a14d4717a9111f91e954806a589b184dd6f3a37ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/comment.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656157
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 338
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a0598598-2f1-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 3108779

GET
H2 200 410270039520634 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/410270039520634?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

36e1bcc9b989fb6db187e1d90a156fc7610258d76b75d60db846cac5e1773a0a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70528
x-fb-rlafr: 0
pragma: public
x-fb-debug: F7f/zQJSOIvT8YGp7ID1x7nnamogOysEC96LZwzTrMdQELLu6/EpdqLWRwF0B+tjffwpg2/zuuZ+KdcdIUmyUA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 23 Mar 2021 21:14:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK comment-form.js Show response
ogjs.infoglobo.com.br/117/scripts/templates/ 1 KB
963 B 211ms
210ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/templates/comment-form.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

faf876a2056667d7be18d07acc5aa32c406762eedf238f5f4265d62ba556a67d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/comment-form.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656160
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 470
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a0367ec7-451-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 3139292

GET
H/1.1 200
OK reported-message.js Show response
ogjs.infoglobo.com.br/117/scripts/templates/ 442 B
752 B 208ms
207ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/templates/reported-message.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

53edae990b0214fb99cb7fca9f88adf887f8381420005dd822b8f29d8e45e47a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/comment-form.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656159
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 259
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a060f0d5-1ba-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 3096954

GET
H/1.1 200
OK es-carousel.js Show response
ogjs.infoglobo.com.br/117/scripts/es-carousel/ 4 KB
2 KB 208ms
207ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/es-carousel/es-carousel.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

7ceb84bb889cfdbf56768d6100b3c60b575ca2e737f11036ad84f716ab48828f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/modules/gallery/gallery.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656156
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1123
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a03f893a-1029-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 3570912

GET
H/1.1 200
OK swipe.js Show response
ogjs.infoglobo.com.br/117/scripts/ 2 KB
1 KB 212ms
211ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/117/scripts/swipe.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

31330177e8991a53d548dcf34f40562743e2aee089111546e19abeebdcc0031c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://oglobo.globo.com
Referer: https://ogjs.infoglobo.com.br/117/scripts/modules/gallery/gallery.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 13:38:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 3656159
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 683
Last-Modified: Fri, 05 Feb 2021 17:03:50 GMT
Server: Apache
ETag: "a059f93b-805-5ba99cddb0980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 3647294

GET
H2 200 adsct
t.co/i/ 43 B
170 B 193ms
193ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=l67dw&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 172
pragma: no-cache
last-modified: Tue, 23 Mar 2021 21:14:21 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 93165813ed91298ca182a6f431e7be59
x-transaction: 0089ab5c00a23887
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 __inventory.gif
query.petametrics.com/v1/ 35 B
93 B 114ms
113ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v1/__inventory.gif?ts=1616534061656&jsk=2v84n8g15c1895dv&jsv=20210217&cu=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&item=%7B%22published_time%22%3A%5B%222021-03-05T16%3A59%3A35-03%3A00%22%5D%2C%22modified_time%22%3A%5B%222021-03-07T08%3A39%3A35-03%3A00%22%5D%2C%22publisher%22%3A%5B%22115230991849922%22%5D%2C%22section%22%3A%5B%22Economia%22%5D%2C%22tag%22%3A%5B%22Economia%22%2C%22megavazamento%20de%20senhas%22%5D%2C%22type%22%3A%5B%22article%22%5D%2C%22title%22%3A%5B%22Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%22%5D%2C%22description%22%3A%5B%22No%20total%2C%20mais%20de%203%20bilh%C3%B5es%20delas%20foram%20vazadas%20no%20mundo.%20%C3%93rg%C3%A3os%20de%20governo%20como%20C%C3%A2mara%20e%20STF%20e%20estatais%20foram%20afetados%22%5D%2C%22url%22%3A%5B%22https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257%22%5D%2C%22image%22%3A%5B%22https%3A%2F%2Fogimg.infoglobo.com.br%2Fin%2F24911282-108-3f3%2FFT1086A%2Fhacking-1685092_1280.jpg%22%5D%2C%22locale%22%3A%5B%22pt_BR%22%5D%2C%22site_name%22%3A%5B%22O%20Globo%22%5D%2C%22image145%22%3A%5B%22https%3A%2F%2Fogimg.infoglobo.com.br%2Fin%2F24911282-108-3f3%2FFT1086A%2F90%2Fhacking-1685092_1280.jpg%22%5D%2C%22authors%22%3A%5B%22Andr%C3%A9%20Machado%20e%20Carolina%20Br%C3%ADgido%22%5D%2C%22category%22%3A%5B%22oglobo-economia%22%5D%2C%22protected%22%3A%5B%220%22%5D%2C%22teaser%22%3A%5B%220%22%5D%2C%22image105%22%3A%5B%22https%3A%2F%2Fogimg.infoglobo.com.br%2Fin%2F24911282-108-3f3%2FFT460B%2F110%2Fhacking-1685092_1280.jpg%22%5D%2C%22sponsored%22%3A%5B%220%22%5D%2C%22content_type%22%3A%5B%22article%22%5D%7D&ttl=0
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html Show response
vars.hotjar.com/ Frame 61A3 2 KB
1 KB 27ms
26ms Document
text/html 13.226.159.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-83015.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-100.dus51.r.cloudfront.net
Software: /
Resource Hash: 66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Response headers

content-type: text/html
content-length: 851
date: Sun, 14 Feb 2021 22:59:58 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Fri, 12 Feb 2021 15:00:08 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: kxq4E0ZCKpISjoqpthWApT1qnWmyim-CK1Uan-XwLM8e9GraTSZzFw==
age: 3190463

GET
H2 200 cadun.js Show response
s.glbimg.com/pc/ca/ 14 KB
6 KB 212ms
212ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/cadun.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 883895383 al25 39 03
age: 152912
content-length: 5547
x-xss-protection: 1; mode=block
x-request-id: 76bd4d92-6de0-48cb-bcbe-c3523e19ff29
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0A821C04
etag: W/"6011d1fe-3759"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 29 Mar 2021 02:45:49 GMT

GET
H2 200 tv4.min.js Show response
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 28 KB
10 KB 216ms
216ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-openstack-request-id: txc0ff871334d14c1993af3-00600af26f
last-modified: Fri, 25 May 2018 14:11:50 GMT
x-thanos: 0A823005
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1527257509.32548
cache-control: public, max-age=31536000
x-trans-id: txc0ff871334d14c1993af3-00600af26f
x-request-id: 46a4db31-4f30-4a8e-8337-41a44d3fab8d

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
146 B 16ms
16ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=53860175106
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://oglobo.globo.com
date: Tue, 23 Mar 2021 21:14:21 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 512 B
2 KB 53ms
52ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280410&zone_id=1398992&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&tg_i.aupName=%2F85042905.*%26pub-super.*&tg_i.adunit=info.web.oglobo%2Feconomia%2Fmateria&tg_i.page_name=Materia&tg_i.platform=desktop&tg_i.dfp_ad_unit_code=85042905%2Finfo.web.oglobo%2Feconomia%2Fmateria&tg_i.pbadslot=85042905%2Finfo.web.oglobo%2Feconomia%2Fmateria&tk_flint=dmpbjs_v4.29.0&x_source.tid=b9f7a169-1e74-4d8c-84cb-02a99214efa2&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.21562767609182765
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6effca717b96e01df14f62a31f203fc6872a3d02d03260b871b80c6587857dfc

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 21:14:21 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 512
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 78 B
543 B 82ms
82ms XHR
application/json 34.96.106.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.106.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3647a7782f8e2b75d31cfe8fb6832dcdde93ae29c1705d4de14bab7414124e76

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag: W/"4e-weA3kwMxkqAt7noXoQs7QRVpo7c"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://oglobo.globo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
802 B 8ms
7ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210323

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3042a8fdefa74cb852cea02334627e300052c0caefb629ebdefedac6af6bc434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 36664
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 761
etag: W/"540-/BivonAY4PMSLQGyExBletihISc"
x-served-by: cache-fra19157-FRA, cache-hhn4051-HHN
date: Tue, 23 Mar 2021 21:14:21 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sexqhznbn.js Show response
cdn.krxd.net/controltag/ 74 KB
21 KB 24ms
24ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.159.js?utv=201911252026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8ce1050c30402d547132ceb641be9f0461831425f1595b285c151e4be6e5bc82

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 23 Mar 2021 21:14:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 789
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 20812
x-served-by: config-service-a006-ash-prod.krxd.net, cache-bwi5137-BWI, cache-fra19120-FRA
x-response-time: 1
x-do-esi: esi
x-timer: S1616534062.819307,VS0,VE0
etag: "b028d0b8c284e9c643ffebe5d6fa0a3ba0f7bf66"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 2, 9

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
243 B 22ms
21ms Script
application/x-javascript 23.37.56.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=globo/infoglobo.oglobo/202103231919&cb=1616534061790
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.56.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-56-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 22
expires: Tue, 23 Mar 2021 21:24:21 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1064234515/ 42 B
89 B 21ms
19ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1064234515/?random=1616534061579&cv=9&fst=1616533200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&tiba=Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%20-%20Jornal%20O%20Globo&async=1&fmt=3&is_vtc=1&random=3816771631&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1064234515/ 42 B
89 B 20ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1064234515/?random=1616534061579&cv=9&fst=1616533200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&tiba=Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%20-%20Jornal%20O%20Globo&async=1&fmt=3&is_vtc=1&random=3816771631&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/984971963/ 42 B
66 B 21ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/984971963/?random=1616534061582&cv=9&fst=1616533200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&tiba=Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%20-%20Jornal%20O%20Globo&async=1&fmt=3&is_vtc=1&random=257384255&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/984971963/ 42 B
66 B 20ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/984971963/?random=1616534061582&cv=9&fst=1616533200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&tiba=Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%20-%20Jornal%20O%20Globo&async=1&fmt=3&is_vtc=1&random=257384255&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 792893547449051 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/792893547449051?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

22f61e3c92503da4251e64188b02643249d7f286ba317fb0f3c7e2fc1d441feb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70519
x-fb-rlafr: 0
pragma: public
x-fb-debug: L0LGXHvluhWKCw+ALauIOpgQDefpy/jKR3Wvzy7Ia6c6Ke8S0GH42M4w2Uq0adBaCEYgu/5+OPkgxza6ZzrE8w==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 23 Mar 2021 21:14:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=PageView&dl=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&rl=&if=false&ts=1616534061815&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616534061813.34313913&it=1616534061627&coo=false&tm=1&rqm=GET

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 21:14:21 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=ContentData&dl=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&rl=&if=false&ts=1616534061817&cd[idMateria]=24911257&cd[dtPublicacao]=20210305&cd[tipoConteudo]=Materia&cd[conteudoExclusivo]=N%C3%A3o&cd[editoria]=Economia&cd[topicos]=&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1616534061813.34313913&it=1616534061627&coo=false&tm=2&rqm=GET

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 21:14:21 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=ViewContent&dl=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&rl=&if=false&ts=1616534061817&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1616534061813.34313913&it=1616534061627&coo=false&tm=1&rqm=GET

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 21:14:21 GMT

GET
H/1.1 200
OK xvaz.jpg.pagespeed.ic.bv_7ZgLm5P.jpg
ogimg.infoglobo.com.br/in/24911287-a37-c29/FT1086A/ 218 KB
219 KB 574ms
212ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/24911287-a37-c29/FT1086A/xvaz.jpg.pagespeed.ic.bv_7ZgLm5P.jpg

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

0795dfcc44723e8a1ed4048e1052d5f2f30a8e0723f3904e98cab476cec518c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 18:51:48 GMT
Content-Encoding: gzip
X-Original-Content-Length: 226607
Age: 1045354
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
X-Cache-Hits: 79
Connection: Keep-Alive
Link: <https://ogimg.infoglobo.com.br/in/24911287-a37-c29/FT1086A/vaz.jpg>; rel="canonical"
Last-Modified: Thu, 11 Mar 2021 18:51:08 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31536000, no-transform, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Fri, 11 Mar 2022 18:51:08 GMT

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 24ms
24ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
age: 3516137
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1635658
content-length: 84451
x-served-by: cache-fra19120-FRA
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1616534062.867180,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=792893547449051&ev=PageView&dl=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&rl=&if=false&ts=1616534061857&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616534061813.34313913&it=1616534061627&coo=false&tm=1&rqm=GET

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 21:14:21 GMT

GET
H/1.1 200
OK widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html Show response
platform.twitter.com/widgets/ Frame 41B7 320 KB
104 KB 14ms
14ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Foglobo.globo.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1124613
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Mar 2021 21:14:21 GMT
Etag: "e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified: Wed, 03 Mar 2021 19:20:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105690

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 17ms
17ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 443 B
562 B 59ms
58ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1338409530693269&correlator=14484871389859&output=ldjh&impl=fif&eid=31060521%2C31060529%2C31060550%2C31060320%2C31060367%2C31060505%2C44739387&vrg=2021031701&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=85042905%2Cinfo.web.oglobo%2Ceconomia%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&prev_scp=Editora.pos%3DDhtml&eri=1&cust_params=ognCluster%3D%26kuid%3D%26Info.Entidades%3Dmegavazamento%2520de%2520senhas&cookie_enabled=1&bc=31&abxe=1&lmt=1616534061&dt=1616534061887&dlt=1616534060292&idt=971&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=7888&adks=2342169474&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x7845&msz=1600x1&ga_vid=241461513.1616534062&ga_sid=1616534062&ga_hid=510178251&ga_fc=false&fws=4&ohw=1600&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ab072ac2e55d0a50997943a7397b1cb68f21fb8345d8c6151b943c212d7e0b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 28ms
14ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 82 KB
27 KB 346ms
345ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1338409530693269&correlator=1091052393483416&output=ldjh&impl=fif&eid=31060521%2C31060529%2C31060550%2C31060320%2C31060367%2C31060505%2C44739387&vrg=2021031701&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=85042905%2Cinfo.web.oglobo%2Ceconomia%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C970x250%7C728x90%7C1190x250%7C1190x150%7C1x1&prev_scp=Editora.pos%3DTop%26Info.MatID%3D24911257%26Info.Topico%3D%26Editora.random%3D6&eri=1&cust_params=ognCluster%3D%26kuid%3D%26Info.Entidades%3Dmegavazamento%2520de%2520senhas&cookie_enabled=1&bc=31&abxe=1&lmt=1616534061&dt=1616534061893&dlt=1616534060292&idt=971&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=60&adks=429226297&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90&msz=970x90&ga_vid=241461513.1616534062&ga_sid=1616534062&ga_hid=510178251&ga_fc=false&fws=4&ohw=1600&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

279aa9b1a0e9a5684787c49ad0faa1e9e4e6bb05febf8c9b1150448f7b9bb6fc

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJjDn9Sqx-8CFbAMiwodIRsOWA&gqi=&layout=/sadbundle/%24csp%253Der3%24/8058503296653512518/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJjDn9Sqx-8CFbAMiwodIRsOWA&gqi=&layout=/sadbundle/%24csp%253Der3%24/8058503296653512518/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26878
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Tue, 23 Mar 2021 21:14:22 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
5 KB 87ms
87ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1338409530693269&correlator=3921151958884054&output=ldjh&impl=fif&eid=31060521%2C31060529%2C31060550%2C31060320%2C31060367%2C31060505%2C44739387&vrg=2021031701&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=85042905%2Cinfo.web.oglobo%2Ceconomia%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&prev_scp=Editora.pos%3DVitrine&eri=1&cust_params=ognCluster%3D%26kuid%3D%26Info.Entidades%3Dmegavazamento%2520de%2520senhas&cookie_enabled=1&bc=31&abxe=1&lmt=1616534061&dt=1616534061894&dlt=1616534060292&idt=971&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=7638&adks=3969380661&ucis=3&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x7845&msz=1600x250&ga_vid=241461513.1616534062&ga_sid=1616534062&ga_hid=510178251&ga_fc=false&fws=4&ohw=1600&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

23076f7ea599bf71a1736b52510210600d94a97c9c66a71103037dbd020d14b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4929
x-xss-protection: 0
google-lineitem-id: 5413036442
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317649844
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 64ms
64ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1338409530693269&correlator=84265052494982&output=ldjh&impl=fif&eid=31060521%2C31060529%2C31060550%2C31060320%2C31060367%2C31060505%2C44739387&vrg=2021031701&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=85042905%2Cinfo.web.oglobo%2Ceconomia%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&prev_scp=Editora.pos%3Din-image&eri=1&cust_params=ognCluster%3D%26kuid%3D%26Info.Entidades%3Dmegavazamento%2520de%2520senhas&cookie_enabled=1&bc=31&abxe=1&lmt=1616534061&dt=1616534061895&dlt=1616534060292&idt=971&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=7889&adks=1332086805&ucis=4&ifi=4&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x7845&msz=1600x1&ga_vid=241461513.1616534062&ga_sid=1616534062&ga_hid=510178251&ga_fc=false&fws=4&ohw=1600&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

4139d674da71559e7a6d40714e7c056cb7bf495b1a0b2235b623314b3bd35ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2650
x-xss-protection: 0
google-lineitem-id: 5490325143
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324997251
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK horizon-pageview
horizon.globo.com/auth-session/activity/oglobo/ 0
580 B 211ms
211ms Image
text/plain 131.0.25.68
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horizon.globo.com/auth-session/activity/oglobo/horizon-pageview?object=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&Referrer=&tags=&client_version=0.3.11

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.68 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-68.prt.globo.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:14:22 GMT
Server: nginx
Connection: keep-alive
X-Served-From: hzt-tsuru
Content-Length: 0
Strict-Transport-Security: max-age=60
Content-Type: text/plain; charset=UTF-8

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 41B7 183 B
240 B 185ms
184ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9e5985f2c2a7f5658f32dc29cdfc818bd86bd7c5

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Foglobo.globo.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 163
date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 21:14:22 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 07b1f58e031f99d43e5fd4407618be0a
strict-transport-security: max-age=631138519
content-length: 152

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E9F9 0
0 58ms
56ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRz666ngJzWUvoHgsOjulzrS5e73bNX65N86nEuT01TO-A6mVUWIQVS1hSBRj0cltC6XPSv_QYy87onHxI-maRML_WdIDNzvuaCAh0s8gkFCSOU6O3GFe6D_wVaD2Z-swNPczUrZX4K2Go5Aw3t01QNzemL1G1LCVsv_Y-7b9zv0Q_o4imUwQvkgvnzyFja56UJKdi2CKCsBIslWB9x6Ct9mq9Qn4zxC3X6mUXutgV1C04OqYkZrjeuqYrLrQDkW8m1KGhI0W47ZlrICzL_trjwz-YSt-jlFe0iSS8mGgpFVbubHq5zZ1g0nWIAGnIQfR57AwOoQ&sig=Cg0ArKJSzGNhYSKpiP3zEAE&urlfix=1&adurl=

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 21:14:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 loader.js Show response
config.seedtag.com/ Frame E9F9 39 KB
11 KB 55ms
53ms Script
application/javascript 104.18.134.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.seedtag.com/loader.js?v=0.5799793649522478
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.134.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 530446db782fe70fc97ee915fda9c80d4588f42ecf8752240bbdc3ee93b0eb54

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 26164
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0902895bac0000bdff65303000000001
last-modified: Mon, 22 Mar 2021 13:57:08 GMT
server: cloudflare
etag: W/"ad14d3cfe1330109577d6723223600b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 634aab3f7fb3bdff-AMS
expires: Tue, 23 Mar 2021 21:34:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9F9 118 KB
36 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429061647350"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36559
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:14:21 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49f3a596465ec35441ddef2884e107916aab09d37dedcd36d785a4e313c0043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429055681843"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:14:21 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 83FE 0
0 57ms
57ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6RoIqQsCSbwXNtCHqP0lS7A8nCSY8FknuY7fLCkzAUpT67bAduaFmNZRab6WNGHN7r_umE0ZXqONacAnGB1EFGZOpK_XU7ZMb2j9vKzJEbwxtX159ChLw0ubdyGgWn9qTgsMJ_B1C1ZgcLKW3inJCK6o3Hac4LtO7iroRF03b7zTlGTA_WzDgx31U9Opr-pqvm8q5wVfNBcyW8KvJw0ztAnkiRWZaooKOcdqPLfH6U55rNoBOoAv1CwyHxOjgJqLtzj5FHZrAF-ArFBdYxOpscTts-xRvk_Z8dpPBZYd0F4HNuWVTYBmPYxT_FlElGYNIwq7d7A&sig=Cg0ArKJSzCgkak-YSqoDEAE&urlfix=1&adurl=

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 21:14:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 83FE 114 KB
37 KB 24ms
23ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:29 GMT
server: nginx
etag: W/"605322dd-1c9d1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 24 Mar 2021 21:14:22 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83FE 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429061647350"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36559
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:14:22 GMT

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 235 B
293 B 22ms
22ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9f1508da4c7e232fecfa9d9ca9c8d6d4097d449c91b20d51903af021612c1214

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
via: 1.1 varnish
age: 10
x-served-by: consumer-a011-dub-prod.krxd.net, cache-fra19180-FRA
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1616534062.016908,VS0,VE0
content-length: 192
x-cache-hits: 0, 1

GET
DATA 200
OK truncated
/ Frame E9F9 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e8e045d8dc208648f556c6f2958acc486592bfe3f65e6cb52a0397d671e8c54

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 login.css
s.glbimg.com/pc/ca/ 846 B
837 B 211ms
211ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/login.css

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 884773087 al25 39 03
age: 152802
content-length: 431
x-xss-protection: 1; mode=block
x-request-id: e4937afd-0d1b-45e4-a8ef-e93b0988e467
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0A821C04
etag: W/"6011d1fe-34e"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 29 Mar 2021 02:47:39 GMT

GET
DATA 200
OK truncated
/ Frame 83FE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57b69a5d2497c9bfab9379502d363650a0c80482f016f325671004b52b2004ef

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 schemas Show response
horizon-schemas.globo.com/ 95 KB
10 KB 209ms
208ms XHR
application/json 186.192.81.117
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-schemas.globo.com/schemas

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.117 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-117.prt.globo.com

Software

Resource Hash

829ca88db1aeaac79bdf3dbca983eb694f3c60aef3242c78664e1baac24ae9fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 501466347 al19 29 06
age: 3396
vary: X-Forwarded-Proto, Accept-Encoding, Origin
content-length: 9997
x-xss-protection: 1; mode=block
x-request-id: cbb547e4-326b-4db1-8e9a-2ddd6a270d95
access-control-allow-origin: https://oglobo.globo.com
x-thanos: 0A81BC0B
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json; charset=UTF-8
via: 2.0 CachOS
cache-control: max-age=7200, public
accept-ranges: bytes

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 83FE 0
146 B 16ms
16ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=106&profileId=184&cb=70092627371
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://oglobo.globo.com
date: Tue, 23 Mar 2021 21:14:21 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 83FE 0
0 57ms
56ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNCzE7KHDtRlSj9FlvC_G2S7-2LVoJpqbJ-aaUHfee-hh7FLslldyU_ekftQGH-q9x-eopk-vjPZCKDyALrv1aotW-IH5rTjBRzI-v4W-chHybjvxM1RAyEZ6f2PXGq5i0INlwoqtgmfhpLk5r2UNv7KGVdUX61UABH5o_bShDsGCcnuGr2p_HLVjOAv9OpmeC6kj_Te7lIg-7Q6vPSadsirgQUZGUN2srVXmTuRONTmRLZcN_eRVxETNUl_wNbDVBxQMXjFw2x84LPyY9ALF5tQIGJs4OQCzebfo1DY0J6fwHGJXSmbQhLTduG8JMO1UXKY6zl80F&sig=Cg0ArKJSzKwaCL9aLC3TEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 21:14:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 21:14:22 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E9F9 0
0 56ms
56ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5jJzjHzjXYkD_2DmWfonuI3yx2ToF_A-NLdSkDBbNg688vJSX4yGfh2M3fWPEIQQ8BRG9GWNSJ0mwcUXomJv7J_hEdCYvb2F1yziQD8Irl324lJsX8eEx-1UfIqeMAqTsnJ58MPJjZ3o-RfKCkm8oaWUIpO7INjqNVnqF-l-P1JwDZqwNyW1yqUIJpH29n7pz1MdmTh4ELwLgMDu87uqEMVT4zgXjmMEfu0REM-yen2iViwoGrIHYZwuJyQ1NwaxlDTxAAudqG3JRqMlJwhOzgAsNe4eJiu9Pu_9qu0iTrHe_JjJFukASOn4sy1Dj1XpRxgiu7eXb&sig=Cg0ArKJSzIG25vDQxI1JEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 21:14:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 21:14:22 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 83FE 58 KB
20 KB 30ms
29ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

54987faa79c6cfe31b25aa501a0ff11643961628ed253320c5fd264edc605908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "821 / 946 of 1000 / last-modified: 1616519886"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19821
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:14:22 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 83FE 0
146 B 16ms
15ms Other
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://oglobo.globo.com
date: Tue, 23 Mar 2021 21:14:21 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 83FE 43 B
260 B 22ms
21ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 18 Mar 2022 21:14:22 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 83FE 43 B
260 B 24ms
24ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 18 Mar 2022 21:14:22 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 20ms
20ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: ogjs.infoglobo.com.br
URL: https://ogjs.infoglobo.com.br/117/scripts/onesignal.js.pagespeed.ce.uaeqHGs6RK.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2592
etag: W/"29e3b92597e716694def18b1f85abbfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 634aab407fe14a5b-FRA
cf-request-id: 0902895c4e00004a5bd2b2f000000001
expires: Fri, 26 Mar 2021 21:14:22 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/editoraglobonetwork/ 510 KB
41 KB 25ms
25ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f42423214be84df9aec9f1f914104ade02ad1d1666e8b992cba3d8ceae6cf8f

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: jeORRWJNu6YdMUnxVmljC8h3tSOZiR8.
content-encoding: gzip
etag: "86f1a65a305f7547be2a30440f54da1a"
age: 74
x-cache: HIT
content-length: 41275
x-amz-id-2: tm8WP5f7V+TTl//GBPJKUJ9RuspXCObAQ19EkipsVC70CL+nOuaQZBNMfK3PEphrkgWqRGLz9Dg=
x-served-by: cache-fra19136-FRA
last-modified: Mon, 22 Mar 2021 09:33:25 GMT
server: AmazonS3
x-timer: S1616534062.170671,VS0,VE0
date: Tue, 23 Mar 2021 21:14:22 GMT
vary: Accept-Encoding
x-amz-request-id: TVBFNQQW7XVK4MCV
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 69
x-cache-hits: 2

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
283 B 192ms
191ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=l67dw&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 169
pragma: no-cache
last-modified: Tue, 23 Mar 2021 21:14:22 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e5233a69c5352bd894ad3780e49cdc38
x-transaction: 007e1faa0081cd50
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK smart-app-banner.js Show response
oglobo.globo.com/1/scripts/vendor/ 25 KB
10 KB 216ms
216ms Script
text/javascript 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/1/scripts/vendor/smart-app-banner.js

Requested by

Host: ogjs.infoglobo.com.br
URL: https://ogjs.infoglobo.com.br/117/scripts/smartbanner.min.js.pagespeed.ce.CODpamhBvy.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

5d13d3c4258bbb975792b3ab111178044cab7f2a055d9487e3dd0fe9969e6b01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 14:19:58 GMT
Content-Encoding: gzip
Age: 4085663
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 8893
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 28 Jan 2021 16:24:20 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a05a2b3b-63dc-5b9f851dcb500-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 1167474

GET
H/1.1 200
OK smart-app-banner.css
oglobo.globo.com/styles/vendor/ 6 KB
2 KB 212ms
211ms Stylesheet
text/css 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/styles/vendor/smart-app-banner.css

Requested by

Host: ogjs.infoglobo.com.br
URL: https://ogjs.infoglobo.com.br/117/scripts/smartbanner.min.js.pagespeed.ce.CODpamhBvy.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

c979be3ca2ea19a41e656e1372c36f4677da11ace44f40c27c2c48bfe5a33cca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 16:27:02 GMT
Content-Encoding: gzip
Age: 3041239
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 1297
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 10 Feb 2021 13:44:16 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a017027f-17bc-5bafb995b2c00"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 917197

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 44A7 0
150 B 65ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=oglobo.globo.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=oglobo.globo.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1536
date: Tue, 23 Mar 2021 21:14:21 GMT
content-length: 0

GET
H3-Q050 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 83FE 285 KB
100 KB 31ms
30ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:14:22 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/editoraglobonetwork/ 4 KB
2 KB 21ms
19ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f15f9f68f1905a2a7888dba63655f6e3f76d9aa3e0289b9ee76159a7fa3e66e

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: m2bsZfyy1LZZktqva4dcKbjfl2GF_kho
content-encoding: gzip
etag: "94583b413672fa96c923ed26065aa6c8"
age: 256
x-cache: HIT, HIT
content-length: 1475
x-amz-id-2: b2HOFIgy6MbMDjH/Mkgv3nBF1PUQLQhCRQ6is5hyCH14R0YE1KDP0siPqFg13r1Ynph3GsfLSyo=
x-served-by: cache-lax10645-LGB, cache-ams21028-AMS
last-modified: Thu, 16 Apr 2020 11:05:00 GMT
server: AmazonS3
x-timer: S1616534062.231539,VS0,VE0
date: Tue, 23 Mar 2021 21:14:22 GMT
vary: Accept-Encoding,,
x-amz-request-id: 63355A088211752E
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 2

GET
H2 200 impl.20210322-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 470 KB
108 KB 29ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210322-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9cd3b8bb6ee4c2a5e37812d19f52c7761f2a5fba13c800d9219f41ed29e0f86e

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 15soBslgLCzhOJFrJKC3TvHKBLIYSmb0
content-encoding: br
etag: "a8138dde5d4e155d5a4b61e1dbc0b323"
age: 13444
x-cache: HIT
content-length: 110574
x-amz-id-2: /gR+Z4D+x494aOQV65R7k8hNLKiygoCe6O7v6KJ10tOT6hSK4GxTJUAh9IQtvChq1iPB07ttSp8=
x-served-by: cache-fra19136-FRA
last-modified: Mon, 22 Mar 2021 09:28:11 GMT
server: AmazonS3-br
x-timer: S1616534062.234101,VS0,VE0
date: Tue, 23 Mar 2021 21:14:22 GMT
vary: Accept-Encoding
x-amz-request-id: 4ZCA7BPE2RY158TR
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 94
x-cache-hits: 59232

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 22ms
22ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:14:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 24 Mar 2021 21:14:22 GMT

GET
H3-Q050 200 container.html Show response
3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F90C 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 23 Mar 2021 21:14:21 GMT
expires: Wed, 23 Mar 2022 21:14:21 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 23ms
23ms Preflight 3.123.237.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Server: 3.123.237.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-237-40.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 23ms
23ms XHR
application/json 3.123.237.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.237.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-237-40.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 23 Mar 2021 21:14:22 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/editoraglobonetwork/ 117 KB
32 KB 17ms
17ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/editoraglobonetwork/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c227e6d4a034ee99d5033d25707e2c731dc106218b8baf0b1d0367baf1b34fdf

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: F99cE8z6BF1PEpMN9U5Q81RZGARYE5tJ
content-encoding: gzip
etag: "7a6be2c93082692d015b963fdf259c3f"
age: 4173169
x-cache: HIT, HIT
content-length: 32201
x-amz-id-2: TDPRa3dumLIzzQ8QXH7ces4rnraInURUEUtcO3/dkrxIkH1AcrFNMFJ+yMDp2iyJuXXGd+5XTKY=
x-served-by: cache-sna10743-LGB, cache-ams21028-AMS
last-modified: Thu, 16 Apr 2020 11:04:59 GMT
server: AmazonS3
x-timer: S1616534062.285754,VS0,VE0
date: Tue, 23 Mar 2021 21:14:22 GMT
vary: Accept-Encoding,,
x-amz-request-id: 58FBF371728B77BD
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 7, 9

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1616534062277&ns_c=UTF-8&cv=3.5&c8=Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20gl...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1616534062277&ns_c=UTF-8&cv=3.5&c8=Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20g...

0
528 B

22ms
22ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1616534062277&ns_c=UTF-8&cv=3.5&c8=Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%20-%20Jornal%20O%20Globo&c7=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&c9=&cs_ak_ss=1
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 21:14:22 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1616534062277&ns_c=UTF-8&cv=3.5&c8=Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%20-%20Jornal%20O%20Globo&c7=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 23 Mar 2021 21:14:22 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 83FE 107 B
146 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 83FE 107 B
146 B 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 83FE 4 KB
3 KB 306ms
306ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3352457601283136&correlator=3436606848489958&output=ldjh&impl=fif&eid=31060550%2C31060320%2C31060367%2C31060505%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=85042905%2Cinfo.web.oglobo&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C900x250%7C940x250&fluid=height&cookie=ID%3Dc4ea5b25da2f54cf%3AT%3D1616534061%3AS%3DALNI_MZOEX_w8uAOzeQu7nENLRK9Y89Ukg&cdm=oglobo.globo.com&bc=31&abxe=1&lmt=1616534062&dt=1616534062308&dlt=1616534061995&idt=300&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=7798&adks=792994497&ucis=m4kgiwqm5nv2&ifi=1&ifk=806806396&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&top=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=241461513.1616534062&ga_sid=1616534062&ga_hid=1371478917&ga_fc=true&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

83df9bec7a4a317d64facab8f3c95f431fbf9d69bbf331b4ffbc3771ffa9f8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2393
x-xss-protection: 0
google-lineitem-id: 4559306631
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138256664296
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 83FE 0
0 28ms
13ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 83FE 0
0 7ms
7ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 /
www.facebook.com/tr/ 0
54 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryxauMqtit5ALm62ZB

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 23 Mar 2021 21:14:22 GMT
content-type: text/plain
access-control-allow-origin: https://oglobo.globo.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 8 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae2ed4b8fbc524f51f6595c5cbcd253b9b91ef47e9a4fddbeed736557738f405

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/8058503296653512518/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1914
date: Tue, 23 Mar 2021 13:16:45 GMT
expires: Wed, 23 Mar 2022 13:16:45 GMT
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 28657
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F90C 0
0 57ms
57ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CecIeLVpaYNj4OrCZrAShtrjABYWA57JgnvHX9d8M29keEAEgl5f4IGCRhJOF_BegAZi-79ADyAEJqQIW_bw7feqzPuACAKgDAcgDCKoExAJP0A6ssK2he-4hw2UVrObr4cQ24Di1VdLaj2n5_Jo_3Mn1rwyhUHuWl7XIp-ze2tkG9U-gbq-OrUdve-QbhchVPK84VRjVeY8QkxV92SPFmxTKPqvxK6PXzaWYXNJ85bWoDyRlnv8Xw8oQKzdtO8uwfW5Egl2DATyqkTqO2y-5J03Wbk7klJQxgO3HRcGCX8ZwddDio3tsssHdimc9EpythyV2xWlmhwK6N6c8_npWL6C0DNwbVc0TWRBm5nuRawM79mR5pkOHUeshG_ixOGIYxXJdaCCDQmLcIWG7f7xwWXcemGR6CPgZlZaDi5dXsmTIjdrhhp5-8IuZWhuxZnIGpzbbM7qbRSj1Kf-WYjobQpSGgm0dGLZVosfd7-tR1fF9Jw_h2nDQqIGZluZVX14vZkDKPJHk8Z91lvr77DQQNWlcKcXABK6AiMrhAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfQwZAvqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEI6dBtIICQiA4YAQEAEYHYAKA8gLAdgTDbIXGgoYCAASFHB1Yi04ODI4NTg3MTQ5NDczNDM3&sigh=y60LLv_IxF0&template_id=419&tpd=AGWhJmv6rnqA1laDVZfNdsjKTguQ9dtAf28ZG5tFanGD2zrJxw
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame F90C 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: 3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com
URL: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 21:06:50 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame F90C 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com
URL: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 21:12:05 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F90C 118 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com
URL: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429061647350"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36559
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:14:22 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame F90C 12 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com
URL: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 21:10:33 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame F90C 0
0 15ms
13ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8Ijh8GPNIpHQneTdcp83pglTjtW1lJuQL0cuYeIwjfidjuMbxZuQDMXz_-E_MpDpGnt5eeVBOfJYX0wHFhaNhr-_Zqg
Requested by: Host: 3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com
URL: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H/1.1 404
Not Found infoglobo.oglobo
horizon-track.globo.com/event/ 0
0 630ms
213ms Other
application/json 131.0.25.125
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-track.globo.com/event/infoglobo.oglobo
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 131.0.25.125 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-125.prt.globo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQ1DDxcXlfbqUCYYb

Response headers

POST
H2 200 /
www.facebook.com/tr/ 0
31 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary1RBbUHS2etEhMDcK

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 23 Mar 2021 21:14:22 GMT
content-type: text/plain
access-control-allow-origin: https://oglobo.globo.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D370 143 B
216 B 22ms
21ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com
URL: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm0Dvx6pg3y9hXNbjvbAMl1Gms-3buiJ1Woo5rqbOnzJh9YsaPHuJAXhQ2mD9k
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Mar 2021 20:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1976
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F90C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0289cd705d0c6286fb311dbb11ab4b3f130fb98b029201e39e91149d88fe9e08

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame ED2E 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 24 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame ED2E 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 24 Mar 2021 13:07:30 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame ED2E 60 KB
24 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Mar 2021 21:14:22 GMT

GET
H3-Q050 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 14 KB
15 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0881ca9043f0df79de88ed93a4d0bccc1afe89262fe434d57df0e7f84c9a8de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14124
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Fri, 19 Mar 2021 08:25:41 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 08:25:41 GMT

GET
H3-Q050 200 footer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/footer.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0f032a36376c34d8177550d77a02e7af0b3a16748604f75f60b3fcee93597d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2599
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Tue, 23 Mar 2021 14:19:20 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 14:19:20 GMT

GET
H3-Q050 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee42648d9360a0e1a91f88085e383b9b222ed29fb408e994b83194d8866276f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 31791
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3116
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Tue, 23 Mar 2021 12:24:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 12:24:31 GMT

GET
H3-Q050 200 txt-1a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 8 KB
8 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/txt-1a.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad696dcf60d004405a54c7779fdee7cecf9c4b6a26caf54d578b1a37efbbbf87

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 9286
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7907
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Tue, 23 Mar 2021 18:39:36 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 18:39:36 GMT

GET
H3-Q050 200 txt-1b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 5 KB
5 KB 10ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/txt-1b.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f9011643877bb596d6706fc07741c52d37611db321a9aa9c23e3c61c61c4e53

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5271
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Tue, 23 Mar 2021 14:19:20 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 14:19:20 GMT

GET
H3-Q050 200 btn.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/btn.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3093b16d611b82e5614ee677fe2b91117da368cd2fdcb5040208f45a3b064b4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 396536
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2450
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Fri, 19 Mar 2021 07:05:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 07:05:26 GMT

GET
H3-Q050 200 usp-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 2 KB
2 KB 15ms
13ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/usp-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cc7ae3b673afd107048431d550a9394193b6675b9246748b803bfb186f38baa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 466271
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2132
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Thu, 18 Mar 2021 11:43:11 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 11:43:11 GMT

GET
H3-Q050 200 usp-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 2 KB
2 KB 14ms
12ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/usp-2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d8a57163c2ee2afd8e0d8d549d77d39aaf31cc886df2f657fadddd3d6175690

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 246826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1702
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Sun, 21 Mar 2021 00:40:36 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 00:40:36 GMT

GET
H3-Q050 200 usp-3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 2 KB
2 KB 14ms
12ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/usp-3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a633e985c39a41e396efe84fcaef6810dbe081d2a0c34816a319c1aa5fc52ed

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 596498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1903
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Tue, 16 Mar 2021 23:32:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 23:32:44 GMT

GET
H3-Q050 200 usp-4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 2 KB
3 KB 13ms
11ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/usp-4.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ca30a6391c4acab8ea415f560050c9af4d686a3e5079a200d44a139fad840c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 398657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1976
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Fri, 19 Mar 2021 06:30:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 06:30:05 GMT

GET
H3-Q050 200 usp-5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/usp-5.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b398fc8cefb519857895b0d7c05880bd2ad94a5f1a573c7ef917550a089dc0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 246826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1825
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Sun, 21 Mar 2021 00:40:36 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 00:40:36 GMT

GET
H3-Q050 200 check.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 2 KB
2 KB 16ms
15ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/check.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10714298e3746bb05db815decba0efd2301cbb6d8690e88fa848857910f04170

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 504137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1670
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Thu, 18 Mar 2021 01:12:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 01:12:05 GMT

GET
H3-Q050 200 start-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 4 KB
4 KB 11ms
10ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/start-logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba3120cd3e500e4e1dac5b32912ffb4293228fada472fbb669e1b8e9d9633aa9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 424314
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4231
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Thu, 18 Mar 2021 23:22:28 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 23:22:28 GMT

GET
H3-Q050 200 start-txt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 3 KB
3 KB 16ms
14ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/start-txt.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

362160b017c2ced09da23538f1af257d84b84ed5726818b574655f09586e3d14

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 314828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3057
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Sat, 20 Mar 2021 05:47:14 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 05:47:14 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D370
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
294 B

30ms
30ms

Document
text/html

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com
URL: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm0Dvx6pg3y9hXNbjvbAMl1Gms-3buiJ1Woo5rqbOnzJh9YsaPHuJAXhQ2mD9k
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 21:14:22 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 23-Mar-2021 22:14:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 21:14:22 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 21:14:22 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 fg.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/ Frame ED2E 21 KB
21 KB 13ms
13ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/fg.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8058503296653512518/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

000b9e89585f05b36a869eaf4dd6e25f9e2523e1f13117f24b63791c97d6a00d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 246824
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21126
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 13:31:12 GMT
server: sffe
date: Sun, 21 Mar 2021 00:40:38 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 00:40:38 GMT

GET
H3-Q050 200 container.html Show response
032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 5B74 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 23 Mar 2021 21:14:22 GMT
expires: Wed, 23 Mar 2022 21:14:22 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83FE 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49f3a596465ec35441ddef2884e107916aab09d37dedcd36d785a4e313c0043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429055681843"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:14:22 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 83FE 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55c7530980e4e61b5e4e1c069aa333f6027e5f42c1ecf5e82afcb803a7944ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6490
x-xss-protection: 0

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 5B74 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: 032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com
URL: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 19:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264059
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 19:53:23 GMT

GET
H2

200

d9db2c245b71f526ae00e5c9.js Show response
banner.boostbox.com.br/integrations/script/ Frame 5B74
Redirect Chain

https://banner.boostbox.com.br/integrations/script.js?token=d9db2c245b71f526ae00e5c9
https://banner.boostbox.com.br/integrations/script/d9db2c245b71f526ae00e5c9.js

358 KB
89 KB

28ms
28ms

Script
text/javascript

2606:4700:10::6816:295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banner.boostbox.com.br/integrations/script/d9db2c245b71f526ae00e5c9.js

Requested by

Host: 032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com
URL: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:295 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66465ebd86fafe9c9b43fc82fb90c35fcdb297d84e8505c84781f852ee634adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 23548
etag: W/d9db2c245b71f526ae00e5c9-e8ee1a9a4fc75f1ed1260908879aeb20
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=30, s-maxage=86400, stale-while-revalidate=1800
strict-transport-security: max-age=3600; includeSubDomains
cf-ray: 634aab43ce4a4ec8-FRA
cf-request-id: 0902895e5f00004ec817217000000001

Redirect headers

date: Tue, 23 Mar 2021 21:14:22 GMT
cf-cache-status: HIT
server: cloudflare
age: 763
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: /integrations/script/d9db2c245b71f526ae00e5c9.js
strict-transport-security: max-age=3600; includeSubDomains
cf-ray: 634aab43be014ec8-FRA
cf-request-id: 0902895e5100004ec815122000000001

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B74 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com
URL: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429061647350"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36559
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:14:22 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 83FE 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:14:22 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B74 0
0 58ms
57ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxszLFuqu7Qi7-FfXHgswSF6hbotxykTRGeWHz22fB69F-Snz_WuFnNPX3WtQSA6lZjYN1jGrIPtzSFWa3mX9cSDU3nMh78ydHmWWQ31aBPNlzsB02ZGMMJGOnKNGFmoGO9aWYjY7EELof3DE2NSjCzm4OnHtjbQsmGNOOc_c5HUDBB2wYnSYrU1GevWLkrUFTwG0yIA34TrXEAIWSFQiaulTZvFjxG_Zv5O0dE5eMELadYqZtdmy72Q5Tspds3QSJXj2ZHuFWKVPEpdgKtLDskVcKxkQbashJ_CsP1eIkCioJ06DwiEwt_PH50yYA4MyeWqYxOQ&sig=Cg0ArKJSzF9cEGuc_FQHEAE&urlfix=1&adurl=

Requested by

Host: 032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com
URL: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 21:14:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame CEFF 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 23 Mar 2021 17:32:07 GMT
expires: Wed, 23 Mar 2022 17:32:07 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13335
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 JceIw9a1pfWTHvRavFZArymxbzecLhY03DLGwiUyfzg.js Show response
pagead2.googlesyndication.com/bg/ Frame CEFF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JceIw9a1pfWTHvRavFZArymxbzecLhY03DLGwiUyfzg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c788c3d6b5a5f5931ef45abc5640af29b16f379c2e1634dc32c6c225327f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 17:42:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 99098
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5657
x-xss-protection: 0
expires: Tue, 22 Mar 2022 17:42:44 GMT

GET
DATA 200
OK truncated
/ Frame 5B74 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 728989160940483303a234b3fb212ddfa73fb01f4d3e8297bdca02fe338984cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B74 0
0 58ms
58ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbqtK2Zq2RP_nz8GuK6L8j771QCnwKdkCvHyvUwsLTQKL51JnfjZgPTwqD6OiJvzLWoRnWBR24zSduNgdt-lmLzu4lv54bOBWlRi8BAVtQpZ80MzUmFHf3Mv4JzbUmviUCbYjbnsfzdpJI41HLOvhQCNfm9VYFgKAvRhLEFNP9LLvcKp_nePlKJabJpp4uCACUSzMtUZ_8NGRo-wkKw26a7ABmfNu-ybWiSQKfN-38kTaUhtv4uLmGOaumgEA1pzxXM07YkMajnzdVe60lIEaePwtV7_50Fm3PYmoQBgcfyQqVzIRV7b3Fdw&sig=Cg0ArKJSzN0nECYM7XrgEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 21:14:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 21:14:22 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ Frame 5B74 4 KB
1 KB 24ms
8ms Script
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?callback=window.loadApp&features=es6,fetch,Object.values,Array.prototype.includes,IntersectionObserver,IntersectionObserverEntry,URL

Requested by

Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=d9db2c245b71f526ae00e5c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e9b2f2daa7cd71e8740f3565703089639f3be38b4ce83394fd2ca75154916456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2171949
detected-user-agent: Chrome/89.0.4389
server-timing: MISS-CLUSTER, fastly;desc="Edge time";dur=35, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 949
referrer-policy: origin-when-cross-origin
last-modified: Fri, 26 Feb 2021 17:28:02 GMT
date: Tue, 23 Mar 2021 21:14:22 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 master_counter
banner.boostbox.com.br/ Frame 0
0 135ms
116ms Preflight
text/plain 2606:4700:10::6816:295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banner.boostbox.com.br/master_counter

Protocol

Server

2606:4700:10::6816:295 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-type: text/plain
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-expose-headers
access-control-max-age: 1728000
access-control-allow-headers: content-type
strict-transport-security: max-age=3600; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 0902895f05000097300885e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 634aab44df2a9730-FRA
content-encoding: br

POST
H2 204 master_counter
banner.boostbox.com.br/ Frame 5B74 0
0 112ms
112ms Fetch 2606:4700:10::6816:295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banner.boostbox.com.br/master_counter

Requested by

Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=d9db2c245b71f526ae00e5c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:295 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Accept: application/json, text/plain
Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin: *
access-control-max-age: 1728000
strict-transport-security: max-age=3600; includeSubDomains
cf-ray: 634aab458fa69730-FRA
cf-request-id: 0902895f7900009730f0b95000000001
access-control-expose-headers

GET
H2 200 bbPbjs-e6e7c0a63a2084883f992a55699efbf8.js Show response
banner.boostbox.com.br/prebid/ Frame 5B74 174 KB
54 KB 30ms
30ms Script
application/javascript 2606:4700:10::6816:295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banner.boostbox.com.br/prebid/bbPbjs-e6e7c0a63a2084883f992a55699efbf8.js

Requested by

Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=d9db2c245b71f526ae00e5c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:295 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5b16299d0a5df077ced1c539f488357e144dcebe92da1ab311f5ab3496c429d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 13 Dec 2020 18:17:22 GMT
server: cloudflare
age: 5904
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=3600; includeSubDomains
cf-ray: 634aab44b85f4ec8-FRA
cf-request-id: 0902895ef400004ec81dadc000000001

GET
H2 200 d9db2c245b71f526ae00e5c9 Show response
banner.boostbox.com.br/banners/ Frame BBC7 8 KB
3 KB 12ms
12ms Document
text/html 2606:4700:10::6816:295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banner.boostbox.com.br/banners/d9db2c245b71f526ae00e5c9

Requested by

Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=d9db2c245b71f526ae00e5c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:295 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f0ad5130791c908cb5fa8d265e120e62a5d6b36ddd4498887fff71e0b9da65b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

:method: GET
:authority: banner.boostbox.com.br
:scheme: https
:path: /banners/d9db2c245b71f526ae00e5c9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d63530181869349ddf0fc38514ffc7f9c1616534062; expires=Thu, 22-Apr-21 21:14:22 GMT; path=/; domain=.boostbox.com.br; HttpOnly; SameSite=Lax; Secure
cache-control: public, max-age=30, s-maxage=86400, stale-while-revalidate=1800
etag: W/d9db2c245b71f526ae00e5c9-0df4b09905a15b4c0b35e48dc8a633dc
strict-transport-security: max-age=3600; includeSubDomains
cf-cache-status: HIT
age: 21295
cf-request-id: 0902895ef700004ec83ba4f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 634aab44b86b4ec8-FRA
content-encoding: br

GET
H2 200 application-76a9524b85686f781e58191dd1e8f007f89260e55ce18a215b3b8ab24173f5e3.css
banner.boostbox.com.br/assets/ Frame BBC7 3 KB
950 B 12ms
11ms Stylesheet
text/css 2606:4700:10::6816:295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banner.boostbox.com.br/assets/application-76a9524b85686f781e58191dd1e8f007f89260e55ce18a215b3b8ab24173f5e3.css

Requested by

Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/banners/d9db2c245b71f526ae00e5c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:295 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76a9524b85686f781e58191dd1e8f007f89260e55ce18a215b3b8ab24173f5e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://banner.boostbox.com.br/banners/d9db2c245b71f526ae00e5c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 13 Dec 2020 18:17:22 GMT
server: cloudflare
age: 5898
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: text/css
strict-transport-security: max-age=3600; includeSubDomains
cf-ray: 634aab44e8b04ec8-FRA
cf-request-id: 0902895f0e00004ec81dade000000001

GET
H2 200 application-0760fe7582360f8cdec614ab9da3da8650b646907623b330366618b31f9f8db5.js Show response
banner.boostbox.com.br/assets/ Frame BBC7 119 B
186 B 20ms
19ms Script
application/javascript 2606:4700:10::6816:295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banner.boostbox.com.br/assets/application-0760fe7582360f8cdec614ab9da3da8650b646907623b330366618b31f9f8db5.js

Requested by

Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/banners/d9db2c245b71f526ae00e5c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:295 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0760fe7582360f8cdec614ab9da3da8650b646907623b330366618b31f9f8db5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://banner.boostbox.com.br/banners/d9db2c245b71f526ae00e5c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 13 Dec 2020 18:17:22 GMT
server: cloudflare
age: 5898
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/javascript
strict-transport-security: max-age=3600; includeSubDomains
cf-ray: 634aab44e8b84ec8-FRA
cf-request-id: 0902895f1000004ec8df063000000001

GET
H2 200 application-256aac71fb6e29803e8c481138606cad.css
banner.boostbox.com.br/parcels/ Frame BBC7 124 KB
10 KB 16ms
15ms Stylesheet
text/css 2606:4700:10::6816:295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banner.boostbox.com.br/parcels/application-256aac71fb6e29803e8c481138606cad.css

Requested by

Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/banners/d9db2c245b71f526ae00e5c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:295 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c090873a1e12a29de4e7aa7b577e95ec35fb5acda5543f6698ba8144247ff84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://banner.boostbox.com.br/banners/d9db2c245b71f526ae00e5c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Mar 2021 18:49:34 GMT
server: cloudflare
age: 5284
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/css
strict-transport-security: max-age=3600; includeSubDomains
cf-ray: 634aab44e8b44ec8-FRA
cf-request-id: 0902895f1000004ec824b68000000001

GET
H2 200 application-58c780f7a16db3077aa8bd08cfe9a5cc.js Show response
banner.boostbox.com.br/parcels/ Frame BBC7 429 KB
99 KB 32ms
31ms Script
application/javascript 2606:4700:10::6816:295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banner.boostbox.com.br/parcels/application-58c780f7a16db3077aa8bd08cfe9a5cc.js

Requested by

Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/banners/d9db2c245b71f526ae00e5c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:295 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1a8366c0eea238a36ac12ba3abb660c3fd9e6b58fafe2344ee1e724042e7567

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://banner.boostbox.com.br/banners/d9db2c245b71f526ae00e5c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Mar 2021 18:24:40 GMT
server: cloudflare
age: 6842
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=3600; includeSubDomains
cf-ray: 634aab44e8b94ec8-FRA
cf-request-id: 0902895f1000004ec8f53a7000000001

GET
H2 200 json Show response
trc.taboola.com/editoraglobo-oglobo/trc/3/ 20 KB
8 KB 307ms
307ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-oglobo/trc/3/json?tim=22%3A14%3A22.879&lti=deflated&data=%7B%22id%22%3A88%2C%22ii%22%3A%22%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1616405572863%2C%22vi%22%3A1616534062878%2C%22cv%22%3A%2220210322-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8181%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbs-hero-02%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Page%22%2C%22orig_uip%22%3A%22Below%20Page%22%2C%22cd%22%3A7797.9375%2C%22mw%22%3A1344%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210322-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: eadbf6a4d2f7a0d4739fbccf56bdc624b208ef39517eb9f56a85fdc5ac4c1f99

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 280
date: Tue, 23 Mar 2021 21:14:23 GMT
content-encoding: gzip
server: nginx
x-timer: S1616534063.896720,VS0,VE280
x-served-by: cache-fra19136-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://oglobo.globo.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5B74 0
372 B 80ms
27ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/prebid/bbPbjs-e6e7c0a63a2084883f992a55699efbf8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:22 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5B74 0
372 B 81ms
28ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/prebid/bbPbjs-e6e7c0a63a2084883f992a55699efbf8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:22 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ Frame 5B74 0
226 B 480ms
159ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/prebid/bbPbjs-e6e7c0a63a2084883f992a55699efbf8.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com
date: Tue, 23 Mar 2021 21:14:23 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 83FE 0
46 B 41ms
41ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031601&jk=3352457601283136&bg=!YWKlYibNAAbUo7L91KM7ACkAdvg8WvrKqBSHcvXxLL_QvCB-wkoDSkpU-nKzvxpq2HA5UJocAOoUGgIAAACXUgAAAAtoAQcKASEaet5SI5M2Em0L6uF5tQ5qRaE4uJiPuQNEd_eMSubm_dkKG5CV0Qyhi87NF_PevKfNVRmlAU6Pd2vl5DLKaBnNT1eDIY1gXiDKHxMrPfQvQUu9YSZc433sElAdjoFSABeetRYc6f2YWeNUfO_r_lvXJsdDYxslzKHYZhno70v5w2RYnLrUatn1vr0inB1gVmqO-WxpP6hPMHUbuN_C35LrPOkoittOnn6NAskNTWnOf_QASDcWhmDOnjot7Yfxkx6NTcoAqZ-FL8c07o1HC2pjw31qq_xiVdPRmkPSI0Z5bQ-1ZQ4gEOxpeYNQqLGOkukZ_vgNQZ2QSTN-7yNYqWg9MStXShqqCwrTyJqc4hzKJyXhUVPxj3vILFnEhIE1ebrhmQHjFNW3SjncoW4rEW68LHeMbzGqnX3mnNAFH1kWqanoybY05sR9VYBmpW_4utmXJFDYgTQXV6dwBDyeIVtWPRqaQIrkj_9TqJNE0E8ZolFLkpQdZ-Ap0-GqRBqlmm6R2qMSfepjinTX4rZ1vFNqmKF4ckkqlZec-vxbj4iPjjn2PSQRdJ1WU8H6DJGzZpTFBFcka9OK_jjNtHcc7rpszi4w2mqSlJR5Lqf6QFFcH39GLg_QWlJcroUXeSoT7XGyQ4GDxVdJEqRS-OTXZn6z2w7oSTqafilDv1wC7I7kYsazfq57Tda05sdo6S4p9zBdlXlIEgLxqz9ZWHXrhsV2jkdreXg-oN2rJ2IWN8k2RosclNEu_RFSXeGu_fpbXGAOi1zlkvUC7H6Nv1Bm2o2nLt2KIqxrUYFqUv3X6_HbHBvTllHOOFMn04QXwLFO6r1LrbAuD-Zsc1LJj_-6NhJZCLJEsb4qw8skfyLtqaDcQQc4PV51DoqJHECUyV_lRCEMScxlCIbM3fpApkYbXNaw_wgkKFwlGyMn4uBcw-1a9m_4rnDGK3oNRL3b1jX68F4oM1beZAezfzhHCVh7yNwehEaXMU06vB08-ZBn7BGJT2Cw_cF3aGtEUFX3cdn0noqCcrvM-zV0

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ Frame BBC7 4 KB
1020 B 7ms
6ms Script
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?callback=window.loadApp&features=es6,fetch,Object.values,Array.prototype.includes,IntersectionObserver,IntersectionObserverEntry,URL

Requested by

Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/parcels/application-58c780f7a16db3077aa8bd08cfe9a5cc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e9b2f2daa7cd71e8740f3565703089639f3be38b4ce83394fd2ca75154916456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://banner.boostbox.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2171949
detected-user-agent: Chrome/89.0.4389
server-timing: MISS-CLUSTER, fastly;desc="Edge time";dur=35, HIT, fastly;desc="Edge time";dur=1
content-length: 949
referrer-policy: origin-when-cross-origin
last-modified: Fri, 26 Feb 2021 17:28:02 GMT
date: Tue, 23 Mar 2021 21:14:22 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame BBC7 282 B
662 B 127ms
53ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&totalAds=4&publisherUrl=https://oglobo.globo.com&adUnitCode=5a0e7232-2c56-4da5-baa8-c1203cc304e0&apiKey=3T38976MW3MZDSSMKHJ3&cb=jsonp_1616534063040_40381

Requested by

Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/parcels/application-58c780f7a16db3077aa8bd08cfe9a5cc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-flurry71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

488e26450ee7d3ed3bab16617dfaf4388103668cc13a6ed0ff01d8ae54ba92a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://banner.boostbox.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:14:23 GMT
Content-Encoding: gzip
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Vary: Accept-Encoding, User-Agent
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000

GET
H/1.1 200
OK getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame BBC7 285 B
667 B 144ms
58ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&totalAds=4&publisherUrl=https://oglobo.globo.com&adUnitCode=0d685b9a-3e3b-4b85-a2e2-17ee8078b292&apiKey=3T38976MW3MZDSSMKHJ3&cb=jsonp_1616534063040_8751

Requested by

Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/parcels/application-58c780f7a16db3077aa8bd08cfe9a5cc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-flurry71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

7261c8e70a39596d1883d77a972583704b890dc90d324b18da1316a435a0aa6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://banner.boostbox.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:14:23 GMT
Content-Encoding: gzip
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Vary: Accept-Encoding, User-Agent
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000

POST
H2 204 master_counter
banner.boostbox.com.br/ Frame BBC7 0
0 105ms
105ms Fetch 2606:4700:10::6816:295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banner.boostbox.com.br/master_counter

Requested by

Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/parcels/application-58c780f7a16db3077aa8bd08cfe9a5cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:295 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Accept: application/json, text/plain
Referer: https://banner.boostbox.com.br/banners/d9db2c245b71f526ae00e5c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin: *
access-control-max-age: 1728000
strict-transport-security: max-age=3600; includeSubDomains
cf-ray: 634aab46ed5a4ec8-FRA
cf-request-id: 090289605500004ec8fc949000000001
access-control-expose-headers

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 13 KB
5 KB 24ms
23ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210322-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3847b34f48dbd5b8bdd88297961a5ea449f385f8200491b7b9eb19179e5c9aad

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GTEQjQBNpBY881lThn1bHeQ70sxuI36_
content-encoding: gzip
etag: "38e8b44d38cf84eb666bcec04c8347b9"
age: 28733
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4357
x-amz-id-2: XgqXxYngZ6uQNwhcpiIh1BHZay6FYj7XkuGkkeDGqpqwysjDRn8oNDjzNVZqJQWDp9Tsz8unpi4=
x-served-by: cache-fra19136-FRA
last-modified: Wed, 17 Mar 2021 13:13:47 GMT
server: AmazonS3
x-timer: S1616534063.216298,VS0,VE0
date: Tue, 23 Mar 2021 21:14:23 GMT
vary: Accept-Encoding
x-amz-request-id: BTW9MRK2VYSTZK0T
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 94
x-cache-hits: 437372

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 3 KB
1 KB 23ms
22ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210322-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8907c988abce36758d87a639ef2ddaa025c0338402a80f4e71b7b2450cc7861c

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FyU75WazRsiEew8mV1P.ejYIF3IEfCEj
content-encoding: gzip
etag: "fa3c5d1be5ff23d2bbc39878e37cc0ec"
age: 28730
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 749
x-amz-id-2: 1I/L+AiRXIfkyPP3JvgAzpIOn2hbxJyWkgGqk2v091V9V0QDWMmo3vnbV9T/UJGaDerlVZftXN4=
x-served-by: cache-fra19136-FRA
last-modified: Wed, 17 Mar 2021 13:13:46 GMT
server: AmazonS3
x-timer: S1616534063.216283,VS0,VE0
date: Tue, 23 Mar 2021 21:14:23 GMT
vary: Accept-Encoding
x-amz-request-id: S947MPC9C9C9NDWK
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 94
x-cache-hits: 421769

GET
H2 200 tfa-eid.20210322-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 26ms
26ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210322-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23778aaa8fca97b4b709b97a249b56c0151d162ee40c2940a33db9acd05f5525

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: AO6NK.H0R2I69Wg83lVMbgR2CXDgKMyR
content-encoding: gzip
etag: "d3806bc5c6a6817abcc2dda5c1f089d8"
age: 70
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4856
x-amz-id-2: h+668HuOQa24D8IhHK/ztCR95Stz5gHu90XPueCqvs3AOmKpm8KdjcRdi4rTmx7omQjrQ+JF3xg=
x-served-by: cache-fra19136-FRA
last-modified: Mon, 22 Mar 2021 09:45:05 GMT
server: AmazonS3
x-timer: S1616534063.220725,VS0,VE0
date: Tue, 23 Mar 2021 21:14:23 GMT
vary: Accept-Encoding
x-amz-request-id: N4ZZQ19GHB5772W0
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 94
x-cache-hits: 369

GET
H2 200 sha256.20210322-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 25ms
25ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210322-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef01ef9cb68a5e8701d35c52a520d631acd805d540ed282ecb9d4b500099a1d0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NK025OgYQ5lCYv8f06bxrgBKpZCVBAHR
content-encoding: gzip
etag: "c76d415ad4004aa7b4a7e52a73f13cf0"
age: 596
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 2595
x-amz-id-2: HANe2FPafbbjWvc/OF0JZuP80s3zAaEA7hQrB4IYrldbjAJi5+mYahNRNGXGMu3sZ8/j+nlLA0c=
x-served-by: cache-fra19136-FRA
last-modified: Mon, 22 Mar 2021 09:45:14 GMT
server: AmazonS3
x-timer: S1616534063.220709,VS0,VE0
date: Tue, 23 Mar 2021 21:14:23 GMT
vary: Accept-Encoding
x-amz-request-id: 7ZMQB9Q1QMA55MJ9
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 94
x-cache-hits: 2860

GET
H2 200 tb Show response
15.taboola.com/ 36 KB
10 KB 47ms
47ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=editoraglobo-oglobo&unitType=244&tbloc=&pageType=text&pstn=Below%20Page&uuip=Feed%20-%20Below%20Page&cisrf=&cirf=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&encoded=1&uid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&variant=-100|1786072086&callback=TRC.videoTagCallbacks.videoCallback1&cb=1616534063208&tagid=&cntry=NL&platform=1&sesid=d99e3cb62913c2b4ee971c4483050239&itemid=/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&viewid=1616534062878&geolat=&geoing=&deviceifa=&appid=&sd=v2_d99e3cb62913c2b4ee971c4483050239_4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae_1616534062_1616534062_CNawjgYQlv9JGJ6OwYeGLyABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaLGv6bXK_ffOrQE&ri=b85b95675cc37bd578ca95b7664b612a&appname=&cdb=&gdprApplies=true&rid=&sii=1287947589990492290&oee=true&tpubid=1212310&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=NH&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1207970&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210322-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d69c9298bee2cd9f7527bbe6a9bde61e22a92a5787681b112226f3eb3dbbfc4c

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
content-encoding: gzip
access-control-allow-origin: https://oglobo.globo.com
machineid: 1418
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-fra19136-FRA
pragma: no-cache
server: nginx
x-timer: S1616534063.220718,VS0,VE18
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20210322-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 23ms
23ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20210322-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad10580a2db4f25c804967541e45bbe8de75394a4ec28adc6fc8c9c28d9b3c9a

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6vwgm.8apAGYJhxr2wS618AkUZ3W_Cg6
content-encoding: gzip
etag: "c2be4e22db1a2c0cd06beaaa01ea31f4"
age: 30
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1268
x-amz-id-2: PKwQtxaNH9ZoaEoxtiTh/3NC5Ec9m8SD2VyYl81WN+IyaKQ09iP19ZMwzt1qk62A4QT1af34Noo=
x-served-by: cache-fra19136-FRA
last-modified: Mon, 22 Mar 2021 09:45:30 GMT
server: AmazonS3
x-timer: S1616534063.221258,VS0,VE0
date: Tue, 23 Mar 2021 21:14:23 GMT
vary: Accept-Encoding
x-amz-request-id: JT7T38H2VEDGTJN1
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 94
x-cache-hits: 98

GET
H2 200 8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 451 B
515 B 27ms
27ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding: gzip
etag: "1802e318f880ad7e5c7030e9da649cf6"
age: 26118
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 222
x-amz-id-2: 26u72UAXOMkmfOYELC2yWWJUmcPKHCZpTEQ1U309nNa8vJdTJj4KGDvR/ULXzsybj1Df2BDTZRI=
x-served-by: cache-fra19136-FRA
last-modified: Tue, 07 Jul 2020 17:40:49 GMT
server: AmazonS3
x-timer: S1616534063.234300,VS0,VE0
date: Tue, 23 Mar 2021 21:14:23 GMT
vary: Accept-Encoding
x-amz-request-id: 96FX62PAEAQKREZJ
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: text/css
abp: 94
x-cache-hits: 13

GET
H2 200 userx.20210322-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 28ms
27ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210322-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8154ba70fd1df54a3c6c07e487d8ecca0e10cafcae08c3f90532591a0d12899

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 00SmOYnDEZnHceXWBjqBs5CmDfiF.x6Q
content-encoding: gzip
etag: "8256e00a48b8c2cd87eca23f69078d8a"
age: 41
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7856
x-amz-id-2: grkWKTzD98aJdQi+jFqzrJ6tnwlJn6jS2A5bmSxTYVd1W5HV1fb0hmK9WIOY0eiMnKfCkZuM2Ig=
x-served-by: cache-fra19136-FRA
last-modified: Mon, 22 Mar 2021 09:45:01 GMT
server: AmazonS3
x-timer: S1616534063.241991,VS0,VE0
date: Tue, 23 Mar 2021 21:14:23 GMT
vary: Accept-Encoding
x-amz-request-id: V8CFZ7RQAKBW4ZMB
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 94
x-cache-hits: 25

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame B1B8
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=83d70dd6-f68c-4145-a254-db72face5123
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=83d70dd6-f68c-4145-a254-db72face5123&tbid=c0b52878-d4e4-4cb0-857e-5d15a623604b-tuct753dfaf&query=taboola_hm%3D83d70dd6-f68c-...

0
53 B

38ms
37ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=83d70dd6-f68c-4145-a254-db72face5123&tbid=c0b52878-d4e4-4cb0-857e-5d15a623604b-tuct753dfaf&query=taboola_hm%3D83d70dd6-f68c-4145-a254-db72face5123&isDirect=0
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1616534063.344751,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19136-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=83d70dd6-f68c-4145-a254-db72face5123&tbid=c0b52878-d4e4-4cb0-857e-5d15a623604b-tuct753dfaf&query=taboola_hm%3D83d70dd6-f68c-4145-a254-db72face5123&isDirect=0
tbl-x-upstream: 10.41.22.181:10213
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 1942

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame B1B8 0
239 B 26ms
23ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame B1B8
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=SS4Ui8qkIeHL&ev=1&orig=trc&pid=562107

0
217 B

17ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=SS4Ui8qkIeHL&ev=1&orig=trc&pid=562107
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 3629

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=SS4Ui8qkIeHL&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-mtfsm
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame B1B8 43 B
693 B 27ms
24ms Image
image/gif 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 21:14:23 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.237:80
AN-X-Request-Uuid: 5618a434-2282-470a-9349-8f88d2ebc75e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame B1B8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIUReWHoBzVDN79GNE1cjEg&google_cver=1

0
216 B

32ms
32ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIUReWHoBzVDN79GNE1cjEg&google_cver=1
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Tue, 23 Mar 2021 21:14:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1616534063.297157,VS0,VE10
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19136-FRA

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIUReWHoBzVDN79GNE1cjEg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame B1B8 42 B
805 B 25ms
22ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae:$UID
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:14:23 GMT
X-lat: lhrpug009:0:505
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B1B8
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c0b52878-d4e4-4cb0-857e-5d15a623604b-tuct753dfaf

170 B
213 B

32ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c0b52878-d4e4-4cb0-857e-5d15a623604b-tuct753dfaf

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c0b52878-d4e4-4cb0-857e-5d15a623604b-tuct753dfaf
tbl-x-upstream: 10.40.0.175:10213
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 1942

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame B1B8
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=11fe9fc1-0a68-4f67-80ac-3c2abfb51186

0
63 B

34ms
33ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=11fe9fc1-0a68-4f67-80ac-3c2abfb51186
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 23 Mar 2021 21:14:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1616534063.336232,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19136-FRA

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=11fe9fc1-0a68-4f67-80ac-3c2abfb51186
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame B1B8
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

26ms
26ms

Image
text/plain

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 21:14:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 21:14:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame B1B8 49 B
406 B 168ms
167ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-7zj85
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame B1B8 43 B
697 B 26ms
25ms Image
image/gif 185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&gdpr=0&gdpr_consent=
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:23 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame B1B8 42 B
233 B 132ms
132ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 21:14:23 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 204 put
e1.emxdgt.com/ Frame B1B8 0
45 B 22ms
21ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B1B8
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=baeccf21-b3ef-43c5-b19c-13ef22510068

0
227 B

16ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=baeccf21-b3ef-43c5-b19c-13ef22510068
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 1960

Redirect headers

pragma: no-cache
x-errorlevel: 0
date: Tue, 23 Mar 2021 21:14:22 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=baeccf21-b3ef-43c5-b19c-13ef22510068
cache-control: no-cache
server-processing-duration-in-ticks: 3100
content-type: text/html; charset=utf-8
content-length: 222
expires: Tue, 23 Mar 2021 00:00:00 GMT

GET

check
pixel.tapad.com/idsync/ex/push/ Frame B1B8
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMODIWla6Y0gsB_RQssrR7fCUSQdPKJ_Ip5H_NydQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMODIWla6Y0gsB_RQssrR7fCUSQdPKJ_Ip5H_NydQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=f705165f-8000-4681-a938-e35a38336c42&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESED2bA8MjOnm3X6Izaz05WVg&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESED2bA8MjOnm3X6Izaz05W...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=949798523058985221&opid=apx&ops=&utidl=tech:goo:CAESED2bA8MjOnm3X6Izaz05WVg&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aW...
https://id5-sync.com/qp/18.gif?puid=vec%3A16429287799&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/4/4.gif?puid=e3d79e8ee37d51462e105dd0230a02c5&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/3/5.gif?puid=01821c4a-0c8b-4dd8-bbb8-cb72b74fd351&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame B1B8
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=OwL2G0EhBeyKb_XRL1paYA

0
217 B

18ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=OwL2G0EhBeyKb_XRL1paYA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 8907

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=OwL2G0EhBeyKb_XRL1paYA
date: Tue, 23 Mar 2021 21:14:23 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame B1B8 35 B
380 B 125ms
125ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Tue, 23 Mar 2021 21:14:03 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame B1B8 0
155 B 264ms
89ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&_r=2501995
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 Mar 2021 21:14:23 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame B1B8
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola
https://x.bidswitch.net/sync?dsp_id=188&user_id=aykf4dM7SuFLYN5tJ6j1nLnUq0M&user_group=1&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e70ecfdf-3065-4cd6-9837-6fccec202996

0
227 B

22ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e70ecfdf-3065-4cd6-9837-6fccec202996
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.222:10213
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 8794

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e70ecfdf-3065-4cd6-9837-6fccec202996
date: Tue, 23 Mar 2021 21:14:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
275 B 16ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=22%3A14%3A23.212&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&id=5723&cv=20210322-4-RELEASE&lt=deflated&pct=1
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 1966
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.195:10213

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
276 B 16ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=22%3A14%3A23.213&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&id=3417&cv=20210322-4-RELEASE&lt=deflated&pct=1
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 5801
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.34.201:10213

GET
H2 204 social
trc-events.taboola.com/editoraglobo-oglobo/log/3/ 0
276 B 17ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/3/social?route=AM:AM:V&lti=deflated&ri=b85b95675cc37bd578ca95b7664b612a&sd=v2_d99e3cb62913c2b4ee971c4483050239_4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae_1616534062_1616534062_CNawjgYQlv9JGJ6OwYeGLyABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaLGv6bXK_ffOrQE&ui=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&pi=/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&wi=1287947589990492290&pt=text&vi=1616534062878&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%22Andr%C3%A9%20Machado%20e%20Carolina%20Br%C3%ADgido%22%5D%2C%22img%22%3A%22https%3A%2F%2Fogimg.infoglobo.com.br%2Fin%2F24911282-108-3f3%2FFT1086A%2Fhacking-1685092_1280.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=22%3A14%3A23.252&id=3396&llvl=1&cv=20210322-4-RELEASE&
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 7091
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.34.222:10213

GET
H2 204 abtests
trc.taboola.com/editoraglobo-oglobo/log/3/ 0
228 B 34ms
33ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editoraglobo-oglobo/log/3/abtests?route=AM:AM:V&lti=deflated&ri=b85b95675cc37bd578ca95b7664b612a&sd=v2_d99e3cb62913c2b4ee971c4483050239_4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae_1616534062_1616534062_CNawjgYQlv9JGJ6OwYeGLyABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaLGv6bXK_ffOrQE&ui=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&pi=/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&wi=1287947589990492290&pt=text&vi=1616534062878&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1616534063264%7D&tim=22%3A14%3A23.264&id=2362&llvl=1&cv=20210322-4-RELEASE&
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 23 Mar 2021 21:14:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1616534063.405454,VS0,VE9
x-served-by: cache-fra19136-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.3.5/ 94 KB
27 KB 24ms
23ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.3.5/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210322-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8b5f1520c414c318127a22e30c0dccce4804a52ee38c9d7365ab6ac3582ffc3

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront), 1.1 varnish
age: 1432792
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 27647
x-served-by: cache-fra19136-FRA
last-modified: Sun, 07 Mar 2021 07:14:19 GMT
server: AmazonS3
x-timer: S1616534063.417766,VS0,VE0
etag: "9f36657e1c8f9f00ed624b83ba785dab"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: juxoD15Tg0cH7tWxwQdG-OhG1l7DtHbJeAzOfKpKXoA_W_ZCCeP-Dg==
x-cache-hits: 355567

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
734 B 24ms
24ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 4588
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19136-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1616534063.417693,VS0,VE0
date: Tue, 23 Mar 2021 21:14:23 GMT
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 71
x-cache-hits: 4197

GET
H2 200 optout_check Show response
beacon.krxd.net/ 59 B
218 B 35ms
34ms Script
text/javascript 54.194.235.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.globo.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.235.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-235-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 72fb1f14a5ea7076f8c45ff04deea8fe3f2ce74c4088894e689bbea3588b6c35

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=33 t=1616534063
x-served-by: beacon-n020-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 311 B
467 B 23ms
22ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&technographics=1&callback=Krux.ns.globo.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 52eeff048ba0a9ad5e8933b047808e7d1d4473a703206df4ae9163e497a323b8

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Tue, 23 Mar 2021 21:14:23 GMT
content-encoding: gzip
age: 10
x-served-by: userdata-a005-ash-prod.krxd.net, cache-fra19120-FRA
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=3600
x-age: 0
accept-ranges: bytes
x-timer: S1616534063.489190,VS0,VE0
content-length: 239
x-cache-hits: 0, 1

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a36d7ac92ba44363735fed9401ccb9e5bc57237a42f095a5bfb2d6f5e8e8077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 21:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6479
x-xss-protection: 0

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F90C 42 B
132 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssI3o_2vxi2LSQwZbAdobun7Sqw2ocLCCaWFdPRZhHDP88gzSDWMt5egxeZE0xWS0DiSLeWiflBITPBpU8KmGZjlTeH4_v1xZ8hxLzSOdYcRMFbXcfQaF-eOo0v4O-Mf3fvJFtWMg-xa2Br-Z6Dz4K_&sai=AMfl-YQN-PPqRF22nlaRA8KQ9nmJoigLW4dVRqzYiJ2nX0rHCVxEE1QVEX_4ItNmTlyPtSyn4T1zlhFx0BzPeKvdvbKsqamSCq3mDScc0F-nr8fysffoW7JAp1T09lDS&sig=Cg0ArKJSzB07EnrWoocsEAE&cid=CAASF-RoY-nE6xQumC6nss-cDYjrRFktECxq&id=osdim&mcvt=1034&p=60,315,310,1285&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20210322&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=429226297&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1616534062271&dlt=14&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 235 B
275 B 22ms
22ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05cd99b420cdb9dca2ecb2c7b521282f3eb747fe6f318de052ec00ca156c18b2

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
via: 1.1 varnish
age: 10
x-served-by: consumer-a002-dub-prod.krxd.net, cache-fra19180-FRA
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1616534064.559509,VS0,VE0
content-length: 192
x-cache-hits: 0, 1

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:14:23 GMT

GET
H2 204 social
trc-events.taboola.com/editoraglobo-oglobo/log/3/ 0
277 B 17ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/3/social?route=AM:AM:V&lti=deflated&ri=b85b95675cc37bd578ca95b7664b612a&sd=v2_d99e3cb62913c2b4ee971c4483050239_4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae_1616534062_1616534062_CNawjgYQlv9JGJ6OwYeGLyABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaLGv6bXK_ffOrQE&ui=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&pi=/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&wi=1287947589990492290&pt=text&vi=1616534062878&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22Dez%20milh%C3%B5es%20de%20senhas%20de%20brasileiros%20s%C3%A3o%20expostas%20em%20megavazamento%20global%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%22Andr%C3%A9%20Machado%20e%20Carolina%20Br%C3%ADgido%22%5D%2C%22img%22%3A%22https%3A%2F%2Fogimg.infoglobo.com.br%2Fin%2F24911282-108-3f3%2FFT1086A%2Fhacking-1685092_1280.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=22%3A14%3A23.556&id=3198&llvl=1&cv=20210322-4-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 12169
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.34.201:10213

GET
H2 200 467226423720066 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/467226423720066?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5f24931f3757f9403a0bcf5c720a0a01032acda3da55cb60a2946c15a38e58f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70834
x-fb-rlafr: 0
pragma: public
x-fb-debug: 1MMSzqWP8Pe9Sbv6382GXGjkzR/qDBFeTspjPWLsXVqP7aqbhGpCe9/Cf+jWXgQQTiNTCJW+1M0CpR/tHaA4bA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 23 Mar 2021 21:14:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=PageView&dl=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&rl=&if=false&ts=1616534063597&sw=1600&sh=1200&v=2.9.33&r=stable&ec=4&o=30&fbp=fb.1.1616534061813.34313913&it=1616534061627&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 21:14:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=792893547449051&ev=PageView&dl=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&rl=&if=false&ts=1616534063599&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1616534061813.34313913&it=1616534061627&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 21:14:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=PageView&dl=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&rl=&if=false&ts=1616534063600&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616534061813.34313913&it=1616534061627&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 21:14:23 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 943A 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 23 Mar 2021 17:32:07 GMT
expires: Wed, 23 Mar 2022 17:32:07 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13336
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 JceIw9a1pfWTHvRavFZArymxbzecLhY03DLGwiUyfzg.js Show response
pagead2.googlesyndication.com/bg/ Frame 943A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JceIw9a1pfWTHvRavFZArymxbzecLhY03DLGwiUyfzg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c788c3d6b5a5f5931ef45abc5640af29b16f379c2e1634dc32c6c225327f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 17:42:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 99099
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5657
x-xss-protection: 0
expires: Tue, 22 Mar 2022 17:42:44 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 7BB1 1 KB
677 B 33ms
32ms Document
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&cmcv=&pix=undefined&cb=1616534063699&uv=2944&tms=1616534063699&abt=adh5c-1_vA!insc_vA!nrlc_vB!spa2_vA!srd_vA!u2822_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=BC7954EED6756965771296455125&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.5/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 07d9718b46ac0a5c7e18dd23a2de3f95ea03befcc35e91dbad382bfd3f3d6813

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&cmcv=&pix=undefined&cb=1616534063699&uv=2944&tms=1616534063699&abt=adh5c-1_vA!insc_vA!nrlc_vB!spa2_vA!srd_vA!u2822_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=BC7954EED6756965771296455125&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=c0b52878-d4e4-4cb0-857e-5d15a623604b-tuct753dfaf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Tue, 23 Mar 2021 21:14:23 GMT
via: 1.1 varnish
x-served-by: cache-fra19136-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1616534064.887718,VS0,VE11
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame E294 1 KB
1 KB 17ms
17ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.5/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: d5203632316433d0b9f60e322b4d2793ae39f8b222f90500a8f39de28e8d206b

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=c0b52878-d4e4-4cb0-857e-5d15a623604b-tuct753dfaf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Response headers

server: nginx
date: Tue, 23 Mar 2021 21:14:23 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 17ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66353675&crid=5590795&dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&cmcv=&pix=31589837&cb=1616534063699&uv=2944&tms=1616534063699&abt=adh5c-1_vA!insc_vA!nrlc_vB!spa2_vA!srd_vA!u2822_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1616534060076.748!ts:1616534063699&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
content-length: 0
server: nginx

GET
H2 200 produto_oglobo.js Show response
scripts.curtivendi.com.br/scripts/ Frame 5B74 18 KB
6 KB 302ms
101ms Script
text/javascript 159.89.244.107
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.curtivendi.com.br/scripts/produto_oglobo.js

Requested by

Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=d9db2c245b71f526ae00e5c9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.89.244.107 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

5da9ba605b60dde327762404008a1769fe9f5f10fac46bcd7ef439ac78a85b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.007365
date: Tue, 23 Mar 2021 21:14:24 GMT
content-encoding: br
etag: W/"5da9ba605b60dde327762404008a1769"
strict-transport-security: max-age=3600; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
x-request-id: 2ea2d95b67d592312ae5f3c3f0180eaa
expires: 2021-02-21 21:14:24 UTC

GET
H2 204 social
trc-events.taboola.com/editoraglobo-oglobo/log/3/ 0
275 B 17ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/3/social?route=AM:AM:V&lti=deflated&ri=b85b95675cc37bd578ca95b7664b612a&sd=v2_d99e3cb62913c2b4ee971c4483050239_4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae_1616534062_1616534062_CNawjgYQlv9JGJ6OwYeGLyABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaLGv6bXK_ffOrQE&ui=4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae&pi=/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&wi=1287947589990492290&pt=text&vi=1616534062878&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22ln%22%3A%22below-fold%22%2C%22lx%22%3A170%2C%22ly%22%3A749%2C%22m%22%3A%22stp%22%2C%22v%22%3A3%7D%5D%7D&tim=22%3A14%3A23.780&id=9962&llvl=1&cv=20210322-4-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 9775
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.195:10213

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 40ms
40ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031701&jk=1338409530693269&bg=!u7iluPzNAAbUo7L91KM7ACkAdvg8WoUMDmp-NvWxQFRobQ3B-XrfY0GVgHKTyuIoNEqM33lVxl4UeAIAAACKUgAAAA5oAQcKAErFjBeGgmc20IIP0L6GvNxaxEgPluraJF8o_JT4ZVZIqbqOmfZocksY5NjSml9SUPr5S7tGv7F5cj3DCqx7jVHdMRXUAw7QyY_ghJkB0UNKRtTAzGF8y8JuX4EYi0dWx5UUIy_2D62evlzA0mVknHL7IdXws4GmLHqbka0rRdQkbsp2rY3XuEuoKKQ7ErxMjWZHCAB2v_kaIw8Dah3mGT2TRQYimhaxkGdt6mIgQRWsJWcSB1cpaSj1BuEh0Rrl9KliFiGh7K2JeLRgTwzoPxMqBm1WTaGhI38O5ztV3vVGf9eI984i6_4a6CWP5C_wCiVquumJceCPLLzgZjOQoFzHlvqdyFWeR3fWRppkmhXFBGWACGbMiFu3tGajbDZXMEbgHcXeZ1nhR0xooCQGb2RVbsrRQ2gkKD4m-6IfwCRbdYrwhIShYiXG62y-mZ4_BSbE-6NSk_KR7Ls7-xWi00P4YH7XmvbsDufbiYXTjxd9OnblY-S1xahfdsxcFdhmrH_qtu129xXmlni4tGukKjPp_nUq_Ngn3IOr1CtxHnq7A2INaFnnQVR6DJBmKkpSn2qwc5J8TrariQlEZNxTwnj-7HifLXCMf_0N4ZmzehUEFH3kx2YcEw3O9tG9OUxyvcR4Kj5GZnFR-GePUyn_VwXd6zAavthFO1cyn_nivGJXugOBJPbp8rCcKGNSvqjMSUZc2k2fLZ6sRMfIodlx9w

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 33ms
33ms Image
text/plain 54.194.235.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=user_data_timeout&confid=sexqhznbn&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Infoglobo&_kcp_d=oglobo.globo.com&_knifr=12&_kua_kx_tz=-60&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_whistle=0&_kpa_meta_keywordsDELIM=%2C&_kpa_kx_context_terms=Nu7TWfFv%3A1%2CNu7TXc5X%3A1&_kpa_url_path_1=economia&_kpa_url_path_2=dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&_kpa_utag_editoria=economia&_kpa_utag_page_type=Materia&_kpa_utag_produto=O%20Globo&_kpa_browser_name=Chrome&t_navigation_type=0&t_dns=0&t_tcp=0&t_http_request=-1&t_http_response=196&t_content_ready=1152&t_window_load=3368&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=false&sview=1&kplt0=19929&kplt1=19930&kplt2=19936&kplt3=27202&kplt4=30153&kplt5=32767&kplt6=35254&kplt7=38352&kplt8=38515&kplt9=43900&kplt11=46183&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C102%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C85%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C85%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.235.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-235-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=81 t=1616534063
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame E294 43 B
182 B 89ms
87ms Image
image/gif 2600:1f18:612b:4200:ae67:61d5:5bef:8e79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:ae67:61d5:5bef:8e79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame E294 0
124 B 25ms
24ms Script
text/plain 18.184.153.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&excid=22&docw=0&cijs=1&nlb=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.153.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-153-186.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame E294
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=bdf8be1d-8c1c-11eb-b1a4-1ac061c70406&orig=video&us_privacy=1---

0
227 B

16ms
16ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=bdf8be1d-8c1c-11eb-b1a4-1ac061c70406&orig=video&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.222:10213
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 6572

Redirect headers

Date: Tue, 23 Mar 2021 21:14:23 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=bdf8be1d-8c1c-11eb-b1a4-1ac061c70406&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 124
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/ Frame E294
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1577gdpr=1&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=f705165f-8000-4681-a938-e35a38336c42

0
226 B

17ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=f705165f-8000-4681-a938-e35a38336c42
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.64:10213
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 8033

Redirect headers

location: https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=f705165f-8000-4681-a938-e35a38336c42
date: Tue, 23 Mar 2021 21:14:23 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 7BB1 43 B
182 B 88ms
87ms Image
image/gif 2600:1f18:612b:4200:ae67:61d5:5bef:8e79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&cmcv=&pix=undefined&cb=1616534063699&uv=2944&tms=1616534063699&abt=adh5c-1_vA!insc_vA!nrlc_vB!spa2_vA!srd_vA!u2822_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=BC7954EED6756965771296455125&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:ae67:61d5:5bef:8e79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame 7BB1 0
124 B 24ms
23ms Script
text/plain 18.184.153.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&cmcv=&pix=undefined&cb=1616534063699&uv=2944&tms=1616534063699&abt=adh5c-1_vA!insc_vA!nrlc_vB!spa2_vA!srd_vA!u2822_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=BC7954EED6756965771296455125&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.153.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-153-186.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:23 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 7BB1
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=bdfb8704-8c1c-11eb-8181-1e8b65532806&orig=video&us_privacy=1---

0
227 B

18ms
17ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=bdfb8704-8c1c-11eb-8181-1e8b65532806&orig=video&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&cmcv=&pix=undefined&cb=1616534063699&uv=2944&tms=1616534063699&abt=adh5c-1_vA!insc_vA!nrlc_vB!spa2_vA!srd_vA!u2822_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=BC7954EED6756965771296455125&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Tue, 23 Mar 2021 21:14:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 5997

Redirect headers

Date: Tue, 23 Mar 2021 21:14:23 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=bdfb8704-8c1c-11eb-8181-1e8b65532806&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 142
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0D69
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

22ms
22ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KMMIN4YV-Z-9958; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhJKmtjCxRUZWfOgl0p+qWPG3gUZ/LCrTlkuDKR3OktVOpDwv9SSiUXyP4Wwn1rWxbuVEZ+xAvac7RQXIhoHWrCM9bI6P1JKS3aQLFbrrxlA==; ses2=; vis2=280410^1; audit=1|naVuGyos1qqs2S4LzH6jUzyTC4TA8CrxtokXz2h4YGVXAKCSe8mIGAi5m+NmE6y5HtmFCvps+XLMboWaW1ii7cQtKI+1btR/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Mar 2021 21:14:24 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Tue, 23 Mar 2021 21:14:23 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 83BA
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

23ms
22ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&cmcv=&pix=undefined&cb=1616534063699&uv=2944&tms=1616534063699&abt=adh5c-1_vA!insc_vA!nrlc_vB!spa2_vA!srd_vA!u2822_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=BC7954EED6756965771296455125&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imprammp.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KMMIN4YV-Z-9958; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhJKmtjCxRUZWfOgl0p+qWPG3gUZ/LCrTlkuDKR3OktVOpDwv9SSiUXyP4Wwn1rWxbuVEZ+xAvac7RQXIhoHWrCM9bI6P1JKS3aQLFbrrxlA==; ses2=; vis2=280410^1; audit=1|naVuGyos1qqs2S4LzH6jUzyTC4TA8CrxtokXz2h4YGVXAKCSe8mIGAi5m+NmE6y5HtmFCvps+XLMboWaW1ii7cQtKI+1btR/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imprammp.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Mar 2021 21:14:24 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Tue, 23 Mar 2021 21:14:24 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

/ Show response
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame EA07
Redirect Chain

https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1...
https://us-u.openx.net/w/1.0/cm?cc=1&gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privac...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=caae8bc6-60f1-432a-896d-f94ba85a652a

0
94 B

20ms
20ms

Document
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=caae8bc6-60f1-432a-896d-f94ba85a652a
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V79pYCFgPI-lE165hLrgTI-lE165hLrgUAAAAGBvQHHMLhLVejFYtE261my9lqt1tMlrPRarWYrIbAIRzecjVasUi03Wq2nK12s8lishktRoPRagoRxnKZDGqBhGX2-w6Chs_lBjo0nQ6f616v95n9Fr9dZ_Zb_HaN3-1Xefx2v9vp8Itc1rfaaTb6XZ63yOXWvOxGh-ctcrkllofnaXY5LX_PW_Pwu1XGw99zenjeKrdb7fI5bA_rw-2ym_5undlvcZjdktFysZisdnMAAAAAeACoelqA-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAQEgM1wCg5EgIt-f0spwcbn8AADwUgAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBUoFjECAAAAyKVeHTqa1AmVRRUAAEG6FcAVAEAAHhg8kl4YAACAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTioIjTQPiRLFX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PhJzLlWdjsU2Wi83GMjGtXM7dYmMaDTeD1WCyWW7vULbxraVWb7FvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0PwFcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCEzIcbSar0W61myyHk9FotplskKJVq9loMxiuZpPZbrcaDobL0QgpWrOYTSaL2Wi52wyWk9FgOBkOEYZWxtVs4lytJR6PxS1aLUdr4WIzWQsHg-Fk4lxNbL6NW_T6mH6rzcjmcHlRMCBvL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfcm5XHk2FttkudhsLBPTyuXcLTam0XAzWA0mm-W-tDKuZhPnai3xeCxu0Wo5WgsXm8laOBgMJxPnamLzbdyi18f0W21GNofL35gtZqvNaDCb7BuzxWy1GQ1mk32HzvBdfc5G2fac8qi0Pe_Z8pGZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBOJcTVxrma71cbj2U1Mrt1w43CuJr7ZbDSxLSYLi1iiNF2kE73K47f73U6HX-SyvtVOs9Hv8rxFLrfmZTc6PG-Ryy2xPDxPs8tp-XvemoffrTIe_p7Tw_NWud1ql89he1gfbpfd9HfrzH6Lw-yWjJaLxWS1m6j_6BDD1VyymMwVu8VctlslAAAAAAAAAIAlzJk3AQAAADgNZrda7lbLBZD4s9T9kb705jYch9yN-K4V9KJFESxu_HiiTE7T3_Lwmf0Wv1vvM_stfisDSLiJMm_2TBBrtVrWAAAAAtgAAAAB3Lp5CziR5AA!&cmcv=&pix=undefined&cb=1616534063699&uv=2944&tms=1616534063699&abt=adh5c-1_vA!insc_vA!nrlc_vB!spa2_vA!srd_vA!u2822_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=BC7954EED6756965771296455125&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync-t1.taboola.com
:scheme: https
:path: /sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=caae8bc6-60f1-432a-896d-f94ba85a652a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imprammp.taboola.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=c0b52878-d4e4-4cb0-857e-5d15a623604b-tuct753dfaf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imprammp.taboola.com/

Response headers

server: nginx
date: Tue, 23 Mar 2021 21:14:24 GMT
tbl-x-upstream: 10.40.0.199:10213
x-fastly-to-nlb-rtt: 5486

Redirect headers

vary: Accept, Accept-Encoding
set-cookie: i=9e3857bc-2377-4d8a-a115-30256d00f263|1616534064; Version=1; Expires=Wed, 23-Mar-2022 21:14:24 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.204.1
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=caae8bc6-60f1-432a-896d-f94ba85a652a
date: Tue, 23 Mar 2021 21:14:24 GMT
content-type: text/html
content-length: 0
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0D69 32 KB
10 KB 25ms
25ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 86b7cbfbdf0fc5d41f3f19e934c81ee9817b7b3ea00ced9098f8fb10a1fddae6

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:14:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Mar 2021 16:06:23 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=74430
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9491
Expires: Wed, 24 Mar 2021 17:54:54 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 83BA 32 KB
10 KB 31ms
30ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 86b7cbfbdf0fc5d41f3f19e934c81ee9817b7b3ea00ced9098f8fb10a1fddae6

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:14:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Mar 2021 16:06:23 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=74430
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9491
Expires: Wed, 24 Mar 2021 17:54:54 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 0D69 0
239 B 34ms
33ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H/1.1 200
OK produto_oglobo Show response
scripts.mxfwdredir.com/scripts/ Frame 5B74 605 B
1 KB 492ms
197ms Script
text/javascript 69.46.4.44
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.mxfwdredir.com/scripts/produto_oglobo
Requested by: Host: scripts.curtivendi.com.br
URL: https://scripts.curtivendi.com.br/scripts/produto_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.46.4.44 , United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Phusion Passenger 6.0.7
Resource Hash: 8c998ffcf15ab8e06af1ff07056cca85e82b748aaca47f84d9a2589f7dd87f0b

Request headers

Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.006009
Date: Tue, 23 Mar 2021 21:14:24 GMT
etag: W/"8c998ffcf15ab8e06af1ff07056cca85"
Server: nginx/1.14.0 (Ubuntu)
status: 200 OK
x-powered-by: Phusion Passenger 6.0.7
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, public
Connection: keep-alive
x-request-id: 83bbf164-1d5c-4628-9388-e703dce6e92a
expires: 2021-02-21 21:14:24 UTC

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 83BA 0
239 B 44ms
30ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

POST
H2 200 /
www.facebook.com/tr/ 0
54 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryw0WA4gdcBiiKBVGQ

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 23 Mar 2021 21:14:24 GMT
content-type: text/plain
access-control-allow-origin: https://oglobo.globo.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0D69
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESENt_FISIwPBq4SKMo29XTd8&google_cver=1

0
239 B

35ms
34ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESENt_FISIwPBq4SKMo29XTd8&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESENt_FISIwPBq4SKMo29XTd8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0D69
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/9yuiaCLe87hlEZl4QWgBUw?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8388510146163247508

0
239 B

31ms
31ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8388510146163247508
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

date: Tue, 23 Mar 2021 21:14:24 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8388510146163247508
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0D69
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d480605a-5a2f-4700-b107-42b8361fe7c2&gdpr=1&gdpr_consent=

0
239 B

22ms
22ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d480605a-5a2f-4700-b107-42b8361fe7c2&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Date: Tue, 23 Mar 2021 21:14:24 GMT
Server: MT3 3611 f10363c master zrh-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d480605a-5a2f-4700-b107-42b8361fe7c2&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 Mar 2021 21:14:23 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 0D69
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDg0M2MxMzU2OGQxMWQxOWYyYmQ3ZjQyYWMzYzA3NjkwNGExZDNhMw&gdpr=1&us_privacy=1---

170 B
190 B

32ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDg0M2MxMzU2OGQxMWQxOWYyYmQ3ZjQyYWMzYzA3NjkwNGExZDNhMw&gdpr=1&us_privacy=1---

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDg0M2MxMzU2OGQxMWQxOWYyYmQ3ZjQyYWMzYzA3NjkwNGExZDNhMw&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 0D69 0
0 56ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 0D69 70 B
264 B 38ms
36ms Image
image/gif 34.246.156.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.156.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-156-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 0D69
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01NSU40WVYtWi05OTU4&gdpr=1&us_privacy=1---

170 B
190 B

32ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01NSU40WVYtWi05OTU4&gdpr=1&us_privacy=1---

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01NSU40WVYtWi05OTU4&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0D69
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1---
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1---&_test=YFpaMAAAAL...
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFpaMAAAAL1RzFZV&gdpr=1&us_privacy=1---&_test=YFpaMAAAAL1RzFZV

0
239 B

28ms
26ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFpaMAAAAL1RzFZV&gdpr=1&us_privacy=1---&_test=YFpaMAAAAL1RzFZV
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 21:14:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1616534064.306985,VS0,VE0
x-served-by: cache-fra19176-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFpaMAAAAL1RzFZV&gdpr=1&us_privacy=1---&_test=YFpaMAAAAL1RzFZV
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/editoraglobo-oglobo/log/3/ 0
300 B 38ms
38ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-oglobo/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210322-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 23 Mar 2021 21:14:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1616534064.272241,VS0,VE9
x-served-by: cache-fra19136-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://oglobo.globo.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 left-rail-desktop Show response
recomendacao.globo.com/rec/v2/item/oglobo/ 8 KB
2 KB 233ms
233ms Fetch
application/json 131.0.25.26
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://recomendacao.globo.com/rec/v2/item/oglobo/left-rail-desktop?documentKey=esid:conteudo_editorial_oglobo%23materia%23OGlobo-24911257&limit=4&registerImpression=false

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.26 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-26.prt.globo.com

Software

Resource Hash

c6bff859b3b49168126cd9cee9329adb4bd8ecfdd49b2c0fecbb2dee20e27531

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:24 GMT
content-encoding: gzip
strict-transport-security: max-age=60
access-control-allow-methods: GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://oglobo.globo.com
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Cookie,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1901
x-request-id: 1bc20870-e9a8-49bb-bccf-82cbe799c9f2
expires: Tue, 23 Mar 2021 21:24:24 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 78 B
237 B 33ms
33ms Script
text/javascript 54.194.235.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.globo.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.235.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-235-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c1cb7e666aac799c701ea306891535b67d836829a49da744a5de44f786b01c8a

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:24 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=30 t=1616534064
x-served-by: beacon-n005-dub-prod.krxd.net
content-type: text/javascript

GET
H/1.1 200
OK bolso.jpeg.jpg
ogimg.infoglobo.com.br/in/24937993-ba7-e7a/FT1086A/79/ 4 KB
4 KB 214ms
213ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/24937993-ba7-e7a/FT1086A/79/bolso.jpeg.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

f708d63b613a6a935d93312e180d2528ad879ccaef4957eb98121d3b50df0ad5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:09:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 297
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 3529
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 186

GET
H/1.1 200
OK 92070366_RIRio-de-Janeiro-RJ-18032021A-16-DP-Barra-Monique-Medeiros-e-o-padrasto-o-verea.jpg
ogimg.infoglobo.com.br/in/24937315-16e-c49/FT1086A/79/ 5 KB
5 KB 213ms
212ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/24937315-16e-c49/FT1086A/79/92070366_RIRio-de-Janeiro-RJ-18032021A-16-DP-Barra-Monique-Medeiros-e-o-padrasto-o-verea.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

5d0b7ca79fdaba90b6510fdef15fe1cfae35a3a5d691afaa6bf0d67aeb151ddd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 14:18:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 25049
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 4558
Last-Modified: Tue, 23 Mar 2021 14:16:35 GMT
Server: Apache
ETag: "403456ea-124c-5be34d470dcca-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 14633

GET
H/1.1 200
OK upa_ermelino.jpeg.jpg
ogimg.infoglobo.com.br/in/24934346-ba7-fe2/FT1086A/79/ 5 KB
5 KB 425ms
210ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/24934346-ba7-fe2/FT1086A/79/upa_ermelino.jpeg.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

09fc2da8851789115adda7f345f23907edfdf02577d40ccecb0bdb2c3bdbc13b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:23:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 291070
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 4893
Last-Modified: Sat, 20 Mar 2021 12:22:23 GMT
Server: Apache
ETag: "40059490-1397-5bdf6e28154a1-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 18473

GET
H2 200 safeframe Show response
tags.fulllab.com.br/ Frame 7D63 2 KB
1 KB 300ms
100ms Document
text/html 159.89.241.163
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.fulllab.com.br/safeframe

Requested by

Host: scripts.mxfwdredir.com
URL: https://scripts.mxfwdredir.com/scripts/produto_oglobo

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.89.241.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

bad2d6145e7686c901419c66a3874a615901c676868035af01af880ceb61ca26

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tags.fulllab.com.br
:scheme: https
:path: /safeframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com/

Response headers

date: Tue, 23 Mar 2021 21:14:24 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-cache
x-request-id: 7ff148022e377e88ae547f31c7f61cf8
x-runtime: 0.002577
strict-transport-security: max-age=3600; includeSubDomains
content-encoding: br

GET
H2 200 fingerprint2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/ Frame 7D63 29 KB
10 KB 15ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/fingerprint2.min.js

Requested by

Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://tags.fulllab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1039601
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9392
cf-request-id: 09028966f000002be985b9b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5c-72e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0dfwn%2Fgzmgtxxz6BdpY9A550XpFGvLtsPLyZt8om%2B5Oo0UXhZ7mcXg%2B26vZRx5J88%2FZld8W6SPinJBEoFvpLEtJuerLLhljG2Z4iDIIm1gagJdkZLuFwNTMatg9twvhNzg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 634aab518de82be9-FRA
expires: Sun, 13 Mar 2022 21:14:24 GMT

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ Frame 7D63 2 KB
1 KB 16ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js

Requested by

Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://tags.fulllab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2938263
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 701
cf-request-id: 09028966f100002be963335000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-653"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B5torI8QS1DcHN5O%2B1zuZVpJOAru%2Fs0HDt53o%2BcURw3Y%2FRxJdAq95GIgVR3oOFp09%2B35KbupqVNqsZopGDdNXRKeSLgLe0OrxC%2B%2F1LVLb%2FKK1EOWZ8oYyLFJfVikHwz7Fg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 634aab518dea2be9-FRA
expires: Sun, 13 Mar 2022 21:14:24 GMT

GET
H2 200 url-tld.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-url/2.5.3/ Frame 7D63 4 KB
2 KB 17ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-url/2.5.3/url-tld.min.js

Requested by

Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60bde0d59162a6f552ccc30dbf009b15adafbe7dd0a9a7e172f1f1223cbc4a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://tags.fulllab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5354668
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1574
cf-request-id: 09028966f100002be9a7b9b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-fd5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ols%2BzzLX8OgkmzzoxR2wAWKjQ%2BEW0dnbPO4pX77166e0STm8Reb%2FQDwr34LyqAd5G037dbHxe536fdPYrxkpUKx6snrAyml5IRUNM26fi3NXg3yj6JEfBwx8gO3UBc8ekQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 634aab518dec2be9-FRA
expires: Sun, 13 Mar 2022 21:14:24 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 33ms
33ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:25 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 24 Mar 2021 21:14:25 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 70ms
27ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:14:25 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 24 Mar 2021 21:14:25 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FD23 281 B
554 B 24ms
23ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KMMIN4YV-Z-9958; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhJKmtjCxRUZWfOgl0p+qWPG3gUZ/LCrTlkuDKR3OktVOpDwv9SSiUXyP4Wwn1rWxbuVEZ+xAvac7RQXIhoHWrCM9bI6P1JKS3aQLFbrrxlA==; ses2=; vis2=280410^1; audit=1|naVuGyos1qqs2S4LzH6jUzyTC4TA8CrxtokXz2h4YGVXAKCSe8mIGAi5m+NmE6y5HtmFCvps+XLMboWaW1ii7cQtKI+1btR/; pux=1512%3D98398%262249%3D98398%262307%3D98398%262974%3D98398%263778%3D98398%262249-DV360-Hosted%3D98398%26idl%3D98398%26goog%3D98398%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Mar 2021 21:14:26 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 cs.html Show response
cs.seedtag.com/ Frame CF93 72 KB
18 KB 59ms
59ms Document
text/html 104.18.134.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.seedtag.com/cs.html?ga=true&cd=undefined
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.134.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c98b94edd1f2b0aa52f92bb16df5c2e5f4886d0cce3f1afad8799f025cfe54

Request headers

:method: GET
:authority: cs.seedtag.com
:scheme: https
:path: /cs.html?ga=true&cd=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: st_uid=7e0ecd91-4a53-44e6-96f6-fc241741d550; st_ssp=Y291bnRyeV9uYW1lPU5ldGhlcmxhbmRzJmNvdW50cnlfaXNvMj1OTCZjb3VudHJ5X2lzbzM9TkxEJnJlZ2lvbl9uYW1lPU5vcnRoIEhvbGxhbmQmcmVnaW9uX2lzbzI9TkgmY2l0eV9uYW1lPUFtc3RlcmRhbSZsYXRpdHVkZT01Mi4zMTA5JmxvbmdpdHVkZT00Ljk0NTMmemlwPTExMDE=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257

Response headers

date: Tue, 23 Mar 2021 21:14:26 GMT
content-type: text/html
set-cookie: __cfduid=d7af2fbdf50879d454d550f2c90b8c3fc1616534066; expires=Thu, 22-Apr-21 21:14:26 GMT; path=/; domain=.seedtag.com; HttpOnly; SameSite=Lax
x-guploader-uploadid: ABg5-UzOTYvWHFEd3BugBnm_Xlfq6u0Z3a_mzYZNYgSXNYgZKLfOhHohoqoVQwA9Fu2aLaw7tD9AKt7jKHgr7sAYRbSRqhU1HQ
expires: Tue, 23 Mar 2021 21:14:26 GMT
last-modified: Tue, 23 Mar 2021 11:05:05 GMT
etag: W/"651853535593257512d3235aa0e5a0e5"
x-goog-generation: 1616497505937997
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 18403
x-goog-hash: crc32c=Q9VEAA== md5=ZRhTU1WTJXUS0yNaoOWg5Q==
x-goog-storage-class: REGIONAL
vary: Accept-Encoding
cache-control: public,max-age=0
age: 0
cf-cache-status: DYNAMIC
cf-request-id: 0902896ec60000bdff5f21d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 634aab5e0927bdff-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FD23 32 KB
10 KB 25ms
25ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 86b7cbfbdf0fc5d41f3f19e934c81ee9817b7b3ea00ced9098f8fb10a1fddae6

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 21:14:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Mar 2021 16:06:23 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=74428
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9491
Expires: Wed, 24 Mar 2021 17:54:54 GMT

GET
H2 200 __activity.gif
query.petametrics.com/v3/2v84n8g15c1895dv/2160a617-8bcd-4643-fd74-4d8f53af8010/ 35 B
94 B 114ms
113ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/2v84n8g15c1895dv/2160a617-8bcd-4643-fd74-4d8f53af8010/__activity.gif?e=stuck_10s&ct=Dez+milh%C3%B5es+de+senhas+de+brasileiros+s%C3%A3o+expostas+em+megavazamento+global&ccu=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&tspl=11580&blst=1214&ist=1571&iet=1581&bdst=1214&bdet=1565&bcttt=18&ts=1616534071657&jsk=2v84n8g15c1895dv&jsv=20210217&cu=https%3A%2F%2Foglobo.globo.com%2Feconomia%2Fdez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257&uid=2160a617-8bcd-4643-fd74-4d8f53af8010&sid=bd3b955b-2e91-4b9e-ed46-429df5a54dbf&pvid=a979b22c-0256-406c-e1e4-7f50269442e6&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F89.0.4389.72+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&saveData=false&tzo=-60&w=null&source=null&sdk=bc-pixel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Mar 2021 21:14:31 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: clear
content-length: 35
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

379 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 02:23:50	Name: IDE Value: AHWqTUm0Dvx6pg3y9hXNbjvbAMl1Gms-3buiJ1Woo5rqbOnzJh9YsaPHuJAXhQ2mD9k
.criteo.com/	1970-01-20 02:23:50	Name: uid Value: baeccf21-b3ef-43c5-b19c-13ef22510068
oglobo.globo.com/	1970-01-19 21:21:26	Name: kxglobo_whistle Value: 0
oglobo.globo.com/	1970-01-19 17:02:15	Name: _tb_t_ppg Value: https%3A//oglobo.globo.com/economia/dez-milhoes-de-senhas-de-brasileiros-sao-expostas-em-megavazamento-global-24911257
.globo.com/	1970-01-20 02:23:50	Name: __gads Value: ID=c4ea5b25da2f54cf:T=1616534061:S=ALNI_MZOEX_w8uAOzeQu7nENLRK9Y89Ukg
.twitter.com/	1970-01-20 10:33:26	Name: personalization_id Value: "v1_kCG8d/a3bL8m27mXC7s2uA=="
.globo.com/	1970-01-19 17:02:15	Name: hsid Value: a98b4fcc-5fb2-4503-bede-df075105d7dc
.globo.com/	1970-01-19 17:02:14	Name: _hzt.interval Value: 20000
oglobo.globo.com/	1970-01-19 17:02:20	Name: kxglobo_visits Value: 1
.globo.com/	1970-01-19 17:02:14	Name: _dc_gtm_UA-51216819-1 Value: 1
.globo.com/	1970-01-20 01:48:11	Name: glb_uid Value: cetaggjKUiOO1ZGQphDT6g8tdNGmzA2HMEKpiOWkxpE=
oglobo.globo.com/	1970-01-19 17:02:15	Name: _tb_sess_r Value:
.globo.com/	1970-01-20 01:47:50	Name: utag_main Value: v_id:017860f0404d007d24bf6fd7f54c00072007406a00b08$_sn:1$_ss:1$_pn:1%3Bexp-session$_st:1616535861133$ses_id:1616534061133%3Bexp-session
.globo.com/	1970-01-19 17:02:15	Name: _hjFirstSeen Value: 1
.globo.com/	1970-01-20 01:47:50	Name: _hjid Value: 31dda73a-0f2c-475b-ac11-e4206926dc49
.globo.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.globo.com/	1970-01-19 19:11:50	Name: _fbp Value: fb.1.1616534061813.34313913
.globo.com/	1970-01-19 17:02:15	Name: deepbi_user_session Value: 72aeefa8-6d7c-4152-b945-89d45bc3f4c8\|0
.globo.com/	1969-12-31 23:59:59	Name: _igt Value: bd3b955b-2e91-4b9e-ed46-429df5a54dbf
.globo.com/	1970-01-20 01:47:50	Name: _ig Value: 2160a617-8bcd-4643-fd74-4d8f53af8010
oglobo.globo.com/economia	1970-01-19 17:03:40	Name: privAu Value: 0
.globo.com/	1970-01-20 01:40:38	Name: cookie-banner-consent-accepted Value: false
.globo.com/	1970-01-20 01:48:11	Name: kppid Value: 59246811841372102796
.globo.com/	1970-01-19 17:03:40	Name: _gid Value: GA1.2.1971791220.1616534062
oglobo.globo.com/	1970-01-20 01:47:50	Name: trc_cookie_storage Value: editoraglobo-oglobo%253Asession-data%3Dv2_d99e3cb62913c2b4ee971c4483050239_4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae_1616534062_1616534062_CNawjgYQlv9JGJ6OwYeGLyABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaLGv6bXK_ffOrQE%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522editoraglobo-oglobo%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQhD6kWgMCwiJARD6kWgMCwiRARD6kWgMCwggEPqRaAwLCKEBEPqRaAwLCKIBEPqRaAwLCCQQ-pFoDAsIJxD6kWgMCwirARD6kWgMCwitARD6kWgMCwiuARD6kWgMCwivARD6kWgMCwiwARD6kWgMCwiyARD6kWgMCwi1ARD6kWgMCwi2ARD6kWgMCwg7EPqRaAwLCD0Qm8NnDAsIPxC6-2cMDBMU%7Ctaboola%2520global%253Auser-id%3D4e856b95-bccb-4594-8132-80082b95bf7c-tuct753dfae
.globo.com/	1970-01-20 10:33:26	Name: _ga Value: GA1.2.241461513.1616534062
.doubleclick.net/	1970-01-19 17:02:17	Name: DSID Value: NO_DATA
.globo.com/	1970-01-19 17:02:17	Name: AMP_TOKEN Value: %24NOT_FOUND
.globo.com/	1970-01-20 01:47:50	Name: nav13574 Value: df0034cbc96abfdf9e5777b6e09_83
oglobo.globo.com/economia	1970-01-20 10:33:26	Name: _gada_id.8e9a Value: 5cbe0b52-f3de-43c9-8654-1ccddf11c109.1616534062.1.1616534062.1616534062.4e433fe2-efd5-4d3e-afb6-6f6bdc005077
oglobo.globo.com/economia	1970-01-19 17:02:15	Name: _gada_ses.8e9a Value: *

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js(Line 162) Message: ad positions: /85042905/info.web.oglobo/economia/materia,1,1,pub-floating,[object Object],/85042905/info.web.oglobo/economia/materia,970,90,970,250,728,90,1190,250,1190,150,1,1,pub-super-1,[object Object],/85042905/info.web.oglobo/economia/materia,970,250,pub-vitrine,[object Object],/85042905/info.web.oglobo/economia/materia,1,1,pub-in-image,[object Object]
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.
console-api	log	URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.1.js?utv=202010011440(Line 2) Message: Prebid imprimiu => pub-floating
console-api	log	URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.1.js?utv=202010011440(Line 2) Message: Prebid imprimiu => pub-super-1
console-api	log	URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.1.js?utv=202010011440(Line 2) Message: Prebid imprimiu => pub-vitrine
console-api	log	URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.1.js?utv=202010011440(Line 2) Message: Prebid imprimiu => pub-in-image
console-api	log	(Line 1) Message: taboola
console-api	log	URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js(Line 172) Message: Materia
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	error	URL: https://banner.boostbox.com.br/parcels/application-58c780f7a16db3077aa8bd08cfe9a5cc.js(Line 26) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210322-4-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbs-feed-01
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210322-4-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - organic-thumbs-feed-01
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210322-4-RELEASE.js(Line 3) Message: undefined
console-api	log	(Line 3) Message: https://recomendacao.globo.com/rec/v2/item/oglobo/left-rail-desktop?documentKey=esid:conteudo_editorial_oglobo%23materia%23OGlobo-24911257&limit=4&registerImpression=false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

032bcb5542ebc5951662d6357aea49ae.safeframe.googlesyndication.com
15.taboola.com
3088c5ef30eb0db42a3873ac3876d057.safeframe.googlesyndication.com
ad.360yield.com
ads.rubiconproject.com
ads.yap.yahoo.com
adservice.google.com
adservice.google.nl
am-match.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
analysis.infoglobo.com.br
analytics.twitter.com
api.deep.bi
banner.boostbox.com.br
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bttrack.com
cdn.jsdelivr.net
cdn.krxd.net
cdn.onesignal.com
cdn.petametrics.com
cdn.polyfill.io
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
config.seedtag.com
connect.facebook.net
consumer.krxd.net
cs.seedtag.com
dis.criteo.com
dsp.adkernel.com
e1.emxdgt.com
eus.rubiconproject.com
fastlane.rubiconproject.com
gadasource.storage.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
ib.adnxs.com
id.rlcdn.com
imprammp.taboola.com
match.adsrvr.org
match.taboola.com
ogcss.infoglobo.com.br
ogimg.infoglobo.com.br
ogjs.infoglobo.com.br
oglobo.globo.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-us.creativecdn.com
prg.smartadserver.com
query.petametrics.com
recomendacao.globo.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
s.glbimg.com
s.seedtag.com
s0.2mdn.net
s3.glbimg.com
sb.scorecardresearch.com
script.hotjar.com
scripts.curtivendi.com.br
scripts.mxfwdredir.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.ads-twitter.com
static.criteo.net
static.hotjar.com
static.infoglobo.com.br
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
syndication.twitter.com
t.co
taboola-supply-partners.tremorhub.com
tag.navdmp.com
tags.fulllab.com.br
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
us-u.openx.net
usr.navdmp.com
vars.hotjar.com
vidstat.taboola.com
widget.perfectmarket.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
pixel.tapad.com
104.18.134.145
104.244.42.136
104.244.42.3
104.244.42.5
13.226.159.100
13.226.159.122
131.0.25.125
131.0.25.211
131.0.25.26
131.0.25.68
141.226.224.32
141.226.228.48
142.250.185.162
142.250.185.98
142.250.186.130
146.88.138.85
151.101.12.157
151.101.13.44
151.101.14.133
151.101.14.49
151.101.193.181
159.89.241.163
159.89.244.107
172.105.203.31
174.137.133.49
178.250.0.163
178.250.2.131
18.184.153.186
18.185.197.81
18.195.155.181
185.184.10.30
185.29.132.68
185.64.190.80
185.86.138.122
185.86.138.142
185.94.180.126
186.192.81.117
186.192.90.3
186.192.91.5
192.132.33.46
198.148.27.139
201.7.177.131
201.7.177.155
201.7.177.167
212.82.100.146
213.19.162.61
23.37.42.132
23.37.53.17
23.37.56.41
2600:1f18:612b:4200:ae67:61d5:5bef:8e79
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:28b9
2606:4700:10::6816:295
2606:4700::6810:125e
2606:4700::6810:ff3
2606:4700::6812:e134
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:801::2006
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:827::2010
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c07::9d
2a02:2638::1c
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
2a04:4e42:3::621
3.123.237.40
34.246.156.173
34.96.106.9
35.156.223.207
35.190.14.224
35.244.159.8
35.244.174.68
37.252.173.22
50.16.38.94
52.28.33.202
54.194.235.254
69.173.144.138
69.46.4.44
72.251.249.14
000b9e89585f05b36a869eaf4dd6e25f9e2523e1f13117f24b63791c97d6a00d
0275573708ed4d4c58b9aedcc75dab8ec454af5ae5d5528bc0a0a6b0656febdd
0289cd705d0c6286fb311dbb11ab4b3f130fb98b029201e39e91149d88fe9e08
05cd99b420cdb9dca2ecb2c7b521282f3eb747fe6f318de052ec00ca156c18b2
074e49072fb7b95866451c62f6ae142cc9f3a61523ec54cd62e0af1bcfb1ed8d
0760fe7582360f8cdec614ab9da3da8650b646907623b330366618b31f9f8db5
0795dfcc44723e8a1ed4048e1052d5f2f30a8e0723f3904e98cab476cec518c4
07d9718b46ac0a5c7e18dd23a2de3f95ea03befcc35e91dbad382bfd3f3d6813
084ed547b50032cc86e707cc5d21a3e0fcde20ae4bec1c16d783ce1e7f288bf9
090240ec0c1e2cad051eb931eaca0bb7f30a9c0e52c9cc727dc86aa0160a9810
09fc2da8851789115adda7f345f23907edfdf02577d40ccecb0bdb2c3bdbc13b
0a633e985c39a41e396efe84fcaef6810dbe081d2a0c34816a319c1aa5fc52ed
0b57ae004a5c9c85e175d027c7a2f15c2a0fd6dd39bb538fd1230119511544aa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca03ba5e62191cd4b02e7d50fab01d9aea80eb989c28f14037ae858d3b64e34
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0d3e1ab21a8c565d63e5edb8d9f9286c110271f186ae66a10628cd0f5a3ae48a
0def64e72f1672682ec354455902da3da696b47b666312e6b527cd1bc338abc5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10714298e3746bb05db815decba0efd2301cbb6d8690e88fa848857910f04170
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16b115bf807aeaa56608f4fc894e997c4b27baa0e5f438343ea86c2cef92b4b5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c01922a91ba20f51233415617a84bf8a9428d435209a3652885d2ed2a5a0a51
20db0c3bf43a575df4a5994bd255ba98995de504caf4e42bf69c4099322c570d
22f61e3c92503da4251e64188b02643249d7f286ba317fb0f3c7e2fc1d441feb
23076f7ea599bf71a1736b52510210600d94a97c9c66a71103037dbd020d14b0
23778aaa8fca97b4b709b97a249b56c0151d162ee40c2940a33db9acd05f5525
23b7ebc89f2b130802fc2dbcfe5d9fbe743a2b80e4f74c231614987aa64a4b2a
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
25c788c3d6b5a5f5931ef45abc5640af29b16f379c2e1634dc32c6c225327f38
260a9cc706f3cc9209f92eb65122df1c9d32b1cb32493712bc60989718a37017
279aa9b1a0e9a5684787c49ad0faa1e9e4e6bb05febf8c9b1150448f7b9bb6fc
2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c
2c1d53dcc4196b860fe5e16e9d68225516aec542a6cc88037b1b01d9cfac5abb
2c2b580e6548a93a351691b595d7e5d17db4e3a757365e263fd5843c4e2666de
2e53bbdf41db08d5017462fe9963a8ee505c7a8ff83756c5217635019a076465
2e8e045d8dc208648f556c6f2958acc486592bfe3f65e6cb52a0397d671e8c54
3042a8fdefa74cb852cea02334627e300052c0caefb629ebdefedac6af6bc434
31330177e8991a53d548dcf34f40562743e2aee089111546e19abeebdcc0031c
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3532368672f2dd90d43874177bbfd3996d3b543a61954b6161551d0e64c4ed0b
362160b017c2ced09da23538f1af257d84b84ed5726818b574655f09586e3d14
3647a7782f8e2b75d31cfe8fb6832dcdde93ae29c1705d4de14bab7414124e76
36e1bcc9b989fb6db187e1d90a156fc7610258d76b75d60db846cac5e1773a0a
3847b34f48dbd5b8bdd88297961a5ea449f385f8200491b7b9eb19179e5c9aad
3cc9c5ae79a86e309ecd7449cc98ca9358a1d3478bd754a51ba41a6486b4ee28
3e08a640ef9883ed1ca227f5b6c8507b8d160c4b776eb4c3fd1643c46ba202de
3f15f9f68f1905a2a7888dba63655f6e3f76d9aa3e0289b9ee76159a7fa3e66e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4097ee4cddc31a4bf077ec1b782e05cf34d1d2566361bf2a1772d31eddcbfa23
4139d674da71559e7a6d40714e7c056cb7bf495b1a0b2235b623314b3bd35ee9
4389b6324bc268e491e848bda6ed79bced0dfd27eed8a3bba5064ce8dc31607c
453211aa18a9b872c4085dc146af073e8b80f9163fbe61bbaebdc072b2f961a5
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
488e26450ee7d3ed3bab16617dfaf4388103668cc13a6ed0ff01d8ae54ba92a0
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4dc5c62e82198cbd8f0c6b014cb781090362a7261727e4e94af67d4530c2fdcf
4e64dc454c64e5e966049acaf2927518c4ca3780ebc5f317c9fe3675f3f95484
4f6253ed8b2f2cd1c583b8a2c00c48773bc3499348fb5ffcf88623d355e6fbfa
51af72617c6b7e3c7f630205a43d8a4b48bf5218649e3ba43c57f2dc86fc839d
52eeff048ba0a9ad5e8933b047808e7d1d4473a703206df4ae9163e497a323b8
530446db782fe70fc97ee915fda9c80d4588f42ecf8752240bbdc3ee93b0eb54
53edae990b0214fb99cb7fca9f88adf887f8381420005dd822b8f29d8e45e47a
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
54987faa79c6cfe31b25aa501a0ff11643961628ed253320c5fd264edc605908
55c7530980e4e61b5e4e1c069aa333f6027e5f42c1ecf5e82afcb803a7944ac3
57b69a5d2497c9bfab9379502d363650a0c80482f016f325671004b52b2004ef
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
5994a2619dd3523146b0f5d13fc32f78bd6b71d8a8b0cd4552a36020c0abe32b
5ad1ada905b63f51fad9ed28df01b250243411c0ac175bd63858b99fb27c2566
5d0b7ca79fdaba90b6510fdef15fe1cfae35a3a5d691afaa6bf0d67aeb151ddd
5d13d3c4258bbb975792b3ab111178044cab7f2a055d9487e3dd0fe9969e6b01
5d90a69886e42a4e9f0846d4c1f9f23dcdc75408c46d2b846ec126767cd67a1a
5da1b7de6689ca5f3bd142b9810450d30f13ff29781ae85e91dc34603762d34c
5da9ba605b60dde327762404008a1769fe9f5f10fac46bcd7ef439ac78a85b22
5f42423214be84df9aec9f1f914104ade02ad1d1666e8b992cba3d8ceae6cf8f
605cb426f0098adc4f55d04db37e8c0e35ad11643ed6bf4e81bc078216536ff1
60bde0d59162a6f552ccc30dbf009b15adafbe7dd0a9a7e172f1f1223cbc4a26
617ad6cb6673e4c4b16a3e052460545087268544bc48bcedc73c1da3d57ef2b8
61bf79f76f519f671811efe14b27ddc95e10b9af03cca47512d6a26a987d06eb
6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b
655e8547a0f057f68c1a3bbe78d65bcdaee6bc402814d11e3b6fc1da6e0d9dfc
66465ebd86fafe9c9b43fc82fb90c35fcdb297d84e8505c84781f852ee634adb
66955b5087d6bed94ec817454ae7b1a4933a9fd7e080057db23a979c00807c36
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68a2f5408e23fff3191107403382d049267063746287597c031f03363b07d347
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d8a57163c2ee2afd8e0d8d549d77d39aaf31cc886df2f657fadddd3d6175690
6effca717b96e01df14f62a31f203fc6872a3d02d03260b871b80c6587857dfc
7261c8e70a39596d1883d77a972583704b890dc90d324b18da1316a435a0aa6c
728989160940483303a234b3fb212ddfa73fb01f4d3e8297bdca02fe338984cc
72fb1f14a5ea7076f8c45ff04deea8fe3f2ce74c4088894e689bbea3588b6c35
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7563541499e034f86ffe7537dc7ee368729ae7273a76525ea85666659ebd9aa1
76a9524b85686f781e58191dd1e8f007f89260e55ce18a215b3b8ab24173f5e3
7bddafdc733df0484df8781cdf65cb202ddbba45a673be66993c85f20b373f56
7ceb84bb889cfdbf56768d6100b3c60b575ca2e737f11036ad84f716ab48828f
7f9011643877bb596d6706fc07741c52d37611db321a9aa9c23e3c61c61c4e53
829ca88db1aeaac79bdf3dbca983eb694f3c60aef3242c78664e1baac24ae9fd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83df9bec7a4a317d64facab8f3c95f431fbf9d69bbf331b4ffbc3771ffa9f8b4
841c35c906471ee846da36387953cacea70508642db6435125f050cc1ca5552d
84679104ae5c944ae050cbc63a766e7fc5fd6b452b52bd43eb1409a09e1abe4f
848671de5f4be979d9bf84202ea17a37b0d04331ddca386a9d89a276d2527a66
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86b7cbfbdf0fc5d41f3f19e934c81ee9817b7b3ea00ced9098f8fb10a1fddae6
875ff40dceb5fcc7db6c433a14d4717a9111f91e954806a589b184dd6f3a37ae
87b398fc8cefb519857895b0d7c05880bd2ad94a5f1a573c7ef917550a089dc0
8907c988abce36758d87a639ef2ddaa025c0338402a80f4e71b7b2450cc7861c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a36d7ac92ba44363735fed9401ccb9e5bc57237a42f095a5bfb2d6f5e8e8077
8c998ffcf15ab8e06af1ff07056cca85e82b748aaca47f84d9a2589f7dd87f0b
8cc7ae3b673afd107048431d550a9394193b6675b9246748b803bfb186f38baa
8ce1050c30402d547132ceb641be9f0461831425f1595b285c151e4be6e5bc82
8d0f032a36376c34d8177550d77a02e7af0b3a16748604f75f60b3fcee93597d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0ad5130791c908cb5fa8d265e120e62a5d6b36ddd4498887fff71e0b9da65b
9663008b21ba661df31ff7888fdaec7c7e5cfd876c0d230ffffa4f58bc85315a
971a68b3449c49ae5cda00d562c132ec945d7d57d065f53b8e694c831d69cc40
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cd3b8bb6ee4c2a5e37812d19f52c7761f2a5fba13c800d9219f41ed29e0f86e
9cd92ccf84ca6c2adcb7691de026ae46f47632e344b71ee6e08c43f38f0a59f5
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
9f1508da4c7e232fecfa9d9ca9c8d6d4097d449c91b20d51903af021612c1214
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a28e50349ea796322ab3a962bb46e8ab067021cc1fca46f44b5c97848b41be93
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3093b16d611b82e5614ee677fe2b91117da368cd2fdcb5040208f45a3b064b4
a458f23b677473bc3c451f9ad5c787833d1e3184e0f619ca9cef54920d834250
a49f3a596465ec35441ddef2884e107916aab09d37dedcd36d785a4e313c0043
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a584112c99f122716818890312c69c444ae9548a266613122e6519c9696ae58b
a5b16299d0a5df077ced1c539f488357e144dcebe92da1ab311f5ab3496c429d
a7c39868fc1fc707911067e2198b65860f351942aa5fdca625d52b24de8545bb
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
aab86aae5b6c16c1f933242f51b0a0f2b271c8ce121cbf1c4ab26992a371098f
ab072ac2e55d0a50997943a7397b1cb68f21fb8345d8c6151b943c212d7e0b94
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad10580a2db4f25c804967541e45bbe8de75394a4ec28adc6fc8c9c28d9b3c9a
ad696dcf60d004405a54c7779fdee7cecf9c4b6a26caf54d578b1a37efbbbf87
ae2ed4b8fbc524f51f6595c5cbcd253b9b91ef47e9a4fddbeed736557738f405
b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b58e022100b6ae68908b62f2edd7138fb33b2c7c43eaf7fd574ff72e2d2f1895
b8c98b94edd1f2b0aa52f92bb16df5c2e5f4886d0cce3f1afad8799f025cfe54
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
ba3120cd3e500e4e1dac5b32912ffb4293228fada472fbb669e1b8e9d9633aa9
bad2d6145e7686c901419c66a3874a615901c676868035af01af880ceb61ca26
bf6e8e99637ae7b71cd78cc5d62076b6f9816f14651352e715f6c0418cfe6985
c0881ca9043f0df79de88ed93a4d0bccc1afe89262fe434d57df0e7f84c9a8de
c090873a1e12a29de4e7aa7b577e95ec35fb5acda5543f6698ba8144247ff84d
c1cb7e666aac799c701ea306891535b67d836829a49da744a5de44f786b01c8a
c227e6d4a034ee99d5033d25707e2c731dc106218b8baf0b1d0367baf1b34fdf
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6bff859b3b49168126cd9cee9329adb4bd8ecfdd49b2c0fecbb2dee20e27531
c979be3ca2ea19a41e656e1372c36f4677da11ace44f40c27c2c48bfe5a33cca
c97f73c766e717d6cd3f5f361b965072347db7d8130231f641d7e327b9ebaab6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3
ce3cd6ca8329615550e0d1a11922eaf81e1adbcd7b9e778cd5c35a3f24c0bf2b
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf66b61bca0510837aaa251ca481767532561126a23c8b88933f6845a38e4adf
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
d4ca30a6391c4acab8ea415f560050c9af4d686a3e5079a200d44a139fad840c
d5203632316433d0b9f60e322b4d2793ae39f8b222f90500a8f39de28e8d206b
d5f24931f3757f9403a0bcf5c720a0a01032acda3da55cb60a2946c15a38e58f
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d69c9298bee2cd9f7527bbe6a9bde61e22a92a5787681b112226f3eb3dbbfc4c
d757fca93bda8aa28c406d9965974769403dad2dce62fd929d5210fbd5a78679
de801a6f991d316f47266c418f572a480f52ef28c983cb1f1049f58d7559b180
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e12ea3b76e382cfd15e2a3f112d6058bcf90251ad065272df99d0f5de3f65748
e1a8366c0eea238a36ac12ba3abb660c3fd9e6b58fafe2344ee1e724042e7567
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e611b3761183e4c4c2ed014d8151f053f43de00db700287377417df654ca1485
e757b70cd73e6395853158e41ac29165458caaa29fc7bfa35df8f56d0e890683
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
e9b2f2daa7cd71e8740f3565703089639f3be38b4ce83394fd2ca75154916456
eadbf6a4d2f7a0d4739fbccf56bdc624b208ef39517eb9f56a85fdc5ac4c1f99
eb9773e5213a5136d7c72fe6937ee8eb47d890cd304a480d0302a4f693d5f8b8
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee42648d9360a0e1a91f88085e383b9b222ed29fb408e994b83194d8866276f3
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
eec41df109696ad2ad9731a3efd28e1f828a6deef6a5a066b0fdf2b69d1adba6
ef01ef9cb68a5e8701d35c52a520d631acd805d540ed282ecb9d4b500099a1d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28d450e9e78470ffbc658f02741baacbaa9f343c2947c662a652e88528e98c1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f708d63b613a6a935d93312e180d2528ad879ccaef4957eb98121d3b50df0ad5
f7211af27ad06f36979ee7affa38ccc69a3606d0c817fba38c95b1a86f386249
f8154ba70fd1df54a3c6c07e487d8ecca0e10cafcae08c3f90532591a0d12899
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
f8b5f1520c414c318127a22e30c0dccce4804a52ee38c9d7365ab6ac3582ffc3
faf876a2056667d7be18d07acc5aa32c406762eedf238f5f4265d62ba556a67d

oglobo.globo.com Open in urlscan Pro 201.7.177.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

309 Requests

100 %HTTPS

34 %IPv6

64 Domains

113 Subdomains

86 IPs

10 Countries

2839 kBTransfer

8778 kBSize

31 Cookies

33 Outgoing links

Redirected requests

309 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

oglobo.globo.com Open in urlscan Pro
201.7.177.131 Public Scan

Screenshot
Live screenshot

Full Image

309
Requests

100 %
HTTPS

34 %
IPv6

64
Domains

113
Subdomains

86
IPs

10
Countries

2839 kB
Transfer

8778 kB
Size

31
Cookies

309 HTTP transactions
4 data transactions